VYPR

Moniwiki

by Moniwiki

CVEs (3)

  • CVE-2006-3399Jul 6, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki before 1.1.2-20060702 allows remote attackers to inject arbitrary Javascript via the URL, which is reflected back in an error message, a variant of CVE-2004-1632.

  • CVE-2004-1545Dec 31, 2004
    risk 0.00cvss epss 0.02

    UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.

  • CVE-2004-1632Oct 25, 2004
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the arguments to wiki.php.