pkg:PyPI/moin

68 total CVEsHIGH14MEDIUM34

✅ Check your installed version

All known vulnerabilities

HIGH8.8CVE-2020-25074MoinMoin vulnerable to remote code execution via cache action
from 0, < 1.9.11
HIGH8.8CVE-2020-25074MoinMoin vulnerable to remote code execution via cache action
from 0, < 1.9.11
HIGH8.7CVE-2020-15275malicious SVG attachment causing stored XSS vulnerability
from 0, < 1.9.11
HIGH8.7CVE-2020-15275malicious SVG attachment causing stored XSS vulnerability
from 0, < 31de9139d0aabc171e94032168399b4a0b2a88a2 | from 0, < 1.9.11
HIGH7.5CVE-2008-6549MoinMoin Denial of Service vulnerability via password_checker function
from 0, < 1.6.1
HIGH7.5CVE-2008-6549MoinMoin Denial of Service vulnerability via password_checker function
from 0, < 1.6.1
HIGH7.5CVE-2008-6603MoinMoin Access Restrictions Bypassed due to improper ACL enforcement
from 0, < 1.6.3
HIGH7.5CVE-2008-6603MoinMoin Access Restrictions Bypassed due to improper ACL enforcement
from 0, < 1.6.3
HIGH7.5CVE-2010-0667MoinMoin Exposure of Sensitive Disclosure when GATEWAY_INTERFACE variable is set
>= 1.9, < 1.9.1
HIGH7.5CVE-2010-0667MoinMoin Exposure of Sensitive Disclosure when GATEWAY_INTERFACE variable is set
>= 1.9, < 1.9.1
HIGH7.5CVE-2009-4762MoinMoin Improper Access Control vulnerability
>= 1.7.0, < 1.7.3
HIGH7.5CVE-2009-4762MoinMoin Improper Access Control vulnerability
>= 1.7, < 1.7.3, >= 1.8, < 1.8.3
HIGH7.5CVE-2008-1937MoinMoin vulnerable to privilege escalation
from 0, < 1.6.3
HIGH7.5CVE-2008-1937MoinMoin vulnerable to privilege escalation
from 0, < 1.6.3
MEDIUM6.3CVE-2012-6081MoinMoin Multiple unrestricted file upload vulnerabilities
from 0, < 1.9.6
MEDIUM6.3CVE-2012-6081MoinMoin Multiple unrestricted file upload vulnerabilities
from 0, < 1.9.6
MEDIUM6.1CVE-2010-2487moin - cross-site scripting
from 0, <= 1.7.3
MEDIUM6.1CVE-2010-2969MoinMoin cross-site scripting (XSS) vulnerability
from 0, <= 1.7.3
MEDIUM6.1CVE-2010-2487moin - cross-site scripting
>= 1.8, < 1.8.8, >= 1.9, < 1.9.3
MEDIUM6.1CVE-2010-2970MoinMoin cross-site scripting (XSS) vulnerability
>= 1.9.0, < 1.9.3
MEDIUM6.1CVE-2010-2970MoinMoin cross-site scripting (XSS) vulnerability
>= 1.9, < 1.9.3
MEDIUM6.1CVE-2010-2969MoinMoin cross-site scripting (XSS) vulnerability
>= 1.9, < 1.9.3
MEDIUM6.1CVE-2012-6082MoinMoin Cross-site scripting (XSS) vulnerability
from 0, < 1.9.6
MEDIUM6.1CVE-2012-6082MoinMoin Cross-site scripting (XSS) vulnerability
from 0, < 1.9.6
MEDIUM6.1CVE-2016-7146moin - security update
from 0, < 1.9.9
MEDIUM6.1CVE-2016-7148MoinMoin Cross-site Scripting (XSS) vulnerability
from 0, < 1.9.9
MEDIUM6.1CVE-2016-7146moin - security update
>= 1.9.8, < 1.9.9
MEDIUM6.1CVE-2016-7148MoinMoin Cross-site Scripting (XSS) vulnerability
from 0, < 1.9.9
MEDIUM6.1CVE-2016-9119MoinMoin Cross-site Scripting (XSS) vulnerability
from 0, < 1.9.8
MEDIUM6.1CVE-2016-9119MoinMoin Cross-site Scripting (XSS) vulnerability
from 0, < 1.9.8
MEDIUM6.1CVE-2011-1058moin - cross-site scripting
from 0, < 1.9.3
MEDIUM6.1CVE-2011-1058moin - cross-site scripting
from 0, < 1.9.3
MEDIUM6.1CVE-2009-1482moin - cross-site scripting
from 0, < 1.8.3
MEDIUM6.1CVE-2009-1482moin - cross-site scripting
from 0, < 1.8.3
MEDIUM6.1CVE-2008-3381MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
from 0, < 1.6.4
MEDIUM6.1CVE-2008-3381MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
from 0, < 1.6.4
MEDIUM6.1CVE-2017-5934moin - security update
from 0, < 70955a8eae091cc88fd9a6e510177e70289ec024 | from 0, < 1.9.10
MEDIUM6.1CVE-2017-5934moin - security update
from 0, < 1.9.10
MEDIUM5.4CVE-2012-4404moin - privilege escalation
>= 1.9, < 1.9.5
MEDIUM5.4CVE-2012-4404moin - privilege escalation
>= 1.9, < 1.9.5
MEDIUM5.4CVE-2010-0828moin - cross-site scripting
from 0, < 1.9.3
MEDIUM5.4CVE-2010-0828moin - cross-site scripting
>= 1.9.0, < 1.9.3
MEDIUM5.3CVE-2008-6548MoinMoin improper access control on the included page for the rst parser
from 0
MEDIUM5.3CVE-2008-6548MoinMoin improper access control on the included page for the rst parser
from 0, < 1.6.2
MEDIUM5.3CVE-2012-6080moin - several
>= 1.9.3, < 1.9.6
MEDIUM5.3CVE-2012-6080moin - several
>= 1.9.3, < 1.9.6
MEDIUM4.3CVE-2012-6495MoinMoin Multiple vulnerable to directory traversal
from 0, < 1.9.6
MEDIUM4.3CVE-2012-6495MoinMoin Multiple vulnerable to directory traversal
from 0, < 1.9.6
—CVE-2010-0717MoinMoin has improper default configuration
from 0, < 1.8.7
—CVE-2010-0717MoinMoin has improper default configuration
from 0, < 1.8.7
—CVE-2010-0668moin - several vulnerabilities
>= 1.5, < 1.8.7
—CVE-2010-0668moin - several vulnerabilities
>= 1.8, < 1.8.7, >= 1.9, < 1.9.2
—CVE-2010-0669MoinMoin improper sanitizes user profiles
from 0, < 1.8.7, >= 1.9, < 1.9.2
—CVE-2010-0669MoinMoin improper sanitizes user profiles
from 0, < 1.8.7
—CVE-2009-0312MoinMoin Cross-site scripting (XSS) vulnerability in the antispam feature
from 0, < 1.8.2
—CVE-2009-0260moin - insufficient input sanitising
from 0, < 1.8.1
—CVE-2008-1099MoinMoin Improper Access Control
from 0, <= 1.5.8
—CVE-2008-1098MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
from 0, <= 1.5.8
—CVE-2008-0782MoinMoin Directory traversal vulnerability
from 0, <= 1.5.8
—CVE-2008-0780MoinMoin Cross-site scripting (XSS) vulnerability
>= 1.5, <= 1.5.8
—CVE-2008-0781MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
from 0, <= 1.5.8
—CVE-2007-2637MoinMoin Improper ACL handling for calendars and includes
from 0, < 1.5.8
—CVE-2007-0901MoinMoin Cross-Site Scripting (XSS) vulnerability via hitcounts and general parameters
from 0, < 1.5.8
—CVE-2007-0902MoinMoin Insertion of Sensitive Information into Log File
>= 1.5.7, < 1.5.8
—CVE-2007-0857MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
from 0, < 1.5.7
—CVE-2004-1462MoinMoin Improper Access Control
from 0, < 1.2.3
—CVE-2004-1463MoinMoin Improper Privilege Management
from 0, < 1.2.3
—CVE-2004-0708MoinMoin allows administrative access
from 0, < 1.2.2