Cpe Name:
cpe:2.3:a:ikiwiki:ikiwiki:3.09:*:*:*:*:*:*:*
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-0220 |
79 |
|
XSS |
2012-05-29 |
2017-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki before 3.20120516 allow remote attackers to inject arbitrary web script or HTML via the (1) author or (2) authorurl meta tags. |
|
2 |
CVE-2011-1401 |
79 |
|
XSS |
2011-04-11 |
2011-04-20 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences in (1) the default stylesheet or (2) an alternate stylesheet. |
|
3 |
CVE-2010-1195 |
79 |
|
XSS |
2010-03-31 |
2010-04-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the htmlscrubber component in ikiwiki 2.x before 2.53.5 and 3.x before 3.20100312 allows remote attackers to inject arbitrary web script or HTML via a crafted data:image/svg+xml URI. |
|
4 |
CVE-2009-2944 |
|
|
|
2009-08-31 |
2017-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands. |
Total number of vulnerabilities :
4
Page :
1
(This Page)
