Vulnerabilities > Pmwiki > Pmwiki > 2.0.9

DATE CVE VULNERABILITY TITLE RISK
2020-02-05 CVE-2010-4662 Cross-site Scripting vulnerability in Pmwiki
PmWiki before 2.2.21 has XSS.
network
pmwiki CWE-79
4.3
4.3
2011-12-22 CVE-2011-4453 Code Injection vulnerability in Pmwiki
The PageListSort function in scripts/pagelist.php in PmWiki 2.x before 2.2.35 allows remote attackers to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive, leading to unintended use of the PHP create_function function.
network
low complexity
pmwiki CWE-94
7.5
7.5
2006-06-06 CVE-2006-2840 Cross-Site Scripting vulnerability in PmWiki
Cross-site scripting (XSS) vulnerability in (1) uploads.php and (2) "url links" in PmWiki 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
network
pmwiki
6.8
6.8
2005-11-27 CVE-2005-3849 Cross-Site Scripting vulnerability in PmWiki Search
Cross-site scripting (XSS) vulnerability in the Search module in PmWiki up to 2.0.12 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
network
pmwiki
4.3
4.3