Vulnerabilities > Mozilo > Mozilowiki > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-13 | CVE-2008-6131 | Improper Authentication vulnerability in Mozilo Mozilowiki Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | 6.0 |
| 2009-02-13 | CVE-2008-6130 | Cross-Site Scripting vulnerability in Mozilo Mozilowiki Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters. | 4.3 |
| 2009-02-13 | CVE-2008-6129 | Path Traversal vulnerability in Mozilo Mozilowiki Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. | 4.3 |