Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Moinmo Subscribe
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-4762 1 Moinmo 1 Moinmoin 2010-05-26 7.5 HIGH N/A
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
CVE-2010-1238 1 Moinmo 1 Moinmoin 2010-04-27 5.0 MEDIUM N/A
MoinMoin 1.7.1 allows remote attackers to bypass the textcha protection mechanism by modifying the textcha-question and textcha-answer fields to have empty values.
CVE-2010-0669 1 Moinmo 1 Moinmoin 2010-03-30 7.5 HIGH N/A
MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.
CVE-2010-0667 1 Moinmo 1 Moinmoin 2010-02-28 5.0 MEDIUM N/A
MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2008-6548 1 Moinmo 1 Moinmoin 2009-03-29 5.0 MEDIUM N/A
The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors.
CVE-2008-6549 1 Moinmo 1 Moinmoin 2009-03-29 5.0 MEDIUM N/A
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.