Moinmo

moinmo

26 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (26)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-0668 1Moinmo 1Moinmoin Apr 29, 2026 Feb 26, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc acti...Show more Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.Show less
CVE-2010-0667 1Moinmo 1Moinmoin Apr 29, 2026 Feb 26, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information...Show more MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.Show less
CVE-2009-1482 2Moinmo Moinmoin 2Moinmoin Moinmoin Apr 23, 2026 Apr 29, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg fu...Show more Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg function or (2) multiple vectors related to package file errors in the upload_form function, different vectors than CVE-2009-0260.Show less
CVE-2008-6603 1Moinmo 1Moinmoin Apr 23, 2026 Apr 3, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937.
CVE-2008-6549 1Moinmo 1Moinmoin Apr 23, 2026 Mar 30, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segme...Show more The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.Show less
CVE-2008-6548 1Moinmo 1Moinmoin Apr 23, 2026 Mar 30, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors.