Search criteria
7 vulnerabilities found for FreeStyleWiki by FreeStyleWiki Project
JVNDB-2008-000036
Vulnerability from jvndb - Published: 2008-07-08 12:14 - Updated:2008-07-08 12:14Summary
FreeStyleWiki cross-site scripting vulnerability
Details
FreeStyleWiki contains a cross-site scripting vulnerability.
FreeStyleWiki, one of Wiki clones, contains a cross-site scripting vulnerability.
NetAgent Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000036.html",
"dc:date": "2008-07-08T12:14+09:00",
"dcterms:issued": "2008-07-08T12:14+09:00",
"dcterms:modified": "2008-07-08T12:14+09:00",
"description": "FreeStyleWiki contains a cross-site scripting vulnerability.\r\n\r\nFreeStyleWiki, one of Wiki clones, contains a cross-site scripting vulnerability.\r\n\r\nNetAgent Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000036.html",
"sec:cpe": {
"#text": "cpe:/a:fswiki:wiki",
"@product": "FreeStyleWiki",
"@vendor": "FreeStyleWiki Project",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-000036",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN77432756/index.html",
"@id": "JVN#77432756",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3023",
"@id": "CVE-2008-3023",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3023",
"@id": "CVE-2008-3023",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/30923",
"@id": "SA30923",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/30071",
"@id": "30071",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/43574",
"@id": "43574",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "FreeStyleWiki cross-site scripting vulnerability"
}
JVNDB-2005-000771
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Wiki clone cross-site scripting vulnerability
Details
Some Wiki clones contain a vulnerability which could lead to cross-site scripting in their file attachment function. This could allow an attacker to execute an arbitrary script on the browser of a Wiki user.
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000771.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Some Wiki clones contain a vulnerability which could lead to cross-site scripting in their file attachment function. This could allow an attacker to execute an arbitrary script on the browser of a Wiki user.",
"link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000771.html",
"sec:cpe": [
{
"#text": "cpe:/a:fswiki:wiki",
"@product": "FreeStyleWiki",
"@vendor": "FreeStyleWiki Project",
"@version": "2.2"
},
{
"#text": "cpe:/a:fswiki:wikilite",
"@product": "FSWikiLite",
"@vendor": "FreeStyleWiki Project",
"@version": "2.2"
},
{
"#text": "cpe:/a:hiki:hiki",
"@product": "Hiki",
"@vendor": "Hiki Development Team",
"@version": "2.2"
},
{
"#text": "cpe:/a:misc:aswiki",
"@product": "AsWiki",
"@vendor": "AsWiki",
"@version": "2.2"
},
{
"#text": "cpe:/a:misc:wiki_modoki",
"@product": "Wiki modoki",
"@vendor": "Wiki Modoki",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2005-000771",
"sec:references": {
"#text": "http://jvn.jp/en/jp/JVN465742E4/index.html",
"@id": "JVN#465742E4",
"@source": "JVN"
},
"title": "Wiki clone cross-site scripting vulnerability"
}
JVNDB-2005-000788
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
FreeStyleWiki command injection vulnerability
Details
A cross-site scripting vulnerability exists in FreeStyleWiki's web management interface.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000788.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "A cross-site scripting vulnerability exists in FreeStyleWiki\u0027s web management interface.",
"link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000788.html",
"sec:cpe": {
"#text": "cpe:/a:fswiki:wiki",
"@product": "FreeStyleWiki",
"@vendor": "FreeStyleWiki Project",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2005-000788",
"sec:references": {
"#text": "http://jvn.jp/en/jp/JVN42435855/index.html",
"@id": "JVN#42435855",
"@source": "JVN"
},
"title": "FreeStyleWiki command injection vulnerability"
}
JVNDB-2005-000797
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Multiple vulnerabilities in FreeStyleWiki including cross-site scripting
Details
FreeStyleWiki contains a cross-site scripting and a cross-site request forgery vulnerabilities.
The cross-site scripting vulnerability could allow a remote attacker to create a web page containing a malicious script.
The cross-site request forgery vulnerability could allow a remote attacker to manipulate the user's operation if a FreeStyleWiki administrator views a specially crafted web page.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000797.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "FreeStyleWiki contains a cross-site scripting and a cross-site request forgery vulnerabilities.\r\n\r\nThe cross-site scripting vulnerability could allow a remote attacker to create a web page containing a malicious script.\r\nThe cross-site request forgery vulnerability could allow a remote attacker to manipulate the user\u0027s operation if a FreeStyleWiki administrator views a specially crafted web page.",
"link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000797.html",
"sec:cpe": {
"#text": "cpe:/a:fswiki:wiki",
"@product": "FreeStyleWiki",
"@vendor": "FreeStyleWiki Project",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2005-000797",
"sec:references": {
"#text": "http://jvn.jp/en/jp/JVN67001206/index.html",
"@id": "JVN#67001206",
"@source": "JVN"
},
"title": "Multiple vulnerabilities in FreeStyleWiki including cross-site scripting"
}
JVNDB-2006-000612
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
FreeStyleWiki cross-site scripting vulnerability
Details
FreeStyleWiki, a Wiki clone program implemented in Perl, contains a cross-site scripting vulnerability.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000612.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "FreeStyleWiki, a Wiki clone program implemented in Perl, contains a cross-site scripting vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000612.html",
"sec:cpe": {
"#text": "cpe:/a:fswiki:wiki",
"@product": "FreeStyleWiki",
"@vendor": "FreeStyleWiki Project",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2006-000612",
"sec:references": {
"#text": "http://jvn.jp/en/jp/JVN35274905/index.html",
"@id": "JVN#35274905",
"@source": "JVN"
},
"title": "FreeStyleWiki cross-site scripting vulnerability"
}
JVNDB-2005-000796
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Multiple vulnerabilities in FreeStyleWiki including cross-site scripting
Details
FreeStyleWiki contains a cross-site scripting and a cross-site request forgery vulnerabilities.
The cross-site scripting vulnerability could allow a remote attacker to create a web page containing a malicious script.
The cross-site request forgery vulnerability could allow a remote attacker to manipulate the user's operation if a FreeStyleWiki administrator views a specially crafted web page.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000796.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "FreeStyleWiki contains a cross-site scripting and a cross-site request forgery vulnerabilities.\r\n\r\nThe cross-site scripting vulnerability could allow a remote attacker to create a web page containing a malicious script.\r\nThe cross-site request forgery vulnerability could allow a remote attacker to manipulate the user\u0027s operation if a FreeStyleWiki administrator views a specially crafted web page.",
"link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000796.html",
"sec:cpe": {
"#text": "cpe:/a:fswiki:wiki",
"@product": "FreeStyleWiki",
"@vendor": "FreeStyleWiki Project",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2005-000796",
"sec:references": {
"#text": "http://jvn.jp/en/jp/JVN67001206/index.html",
"@id": "JVN#67001206",
"@source": "JVN"
},
"title": "Multiple vulnerabilities in FreeStyleWiki including cross-site scripting"
}
JVNDB-2006-000628
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Wiki clone products vulnerable to denial of service attacks
Details
Wiki clones allow a user via a web browser to edit documents on the web server. Some products of Wiki clones contain a vulnerability which consumes large amounts of CPU and memory resources when handling a particular request.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000628.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Wiki clones allow a user via a web browser to edit documents on the web server. Some products of Wiki clones contain a vulnerability which consumes large amounts of CPU and memory resources when handling a particular request.",
"link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000628.html",
"sec:cpe": {
"#text": "cpe:/a:fswiki:wiki",
"@product": "FreeStyleWiki",
"@vendor": "FreeStyleWiki Project",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2006-000628",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN98836916/index.html",
"@id": "JVN#98836916",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3380",
"@id": "CVE-2006-3380",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3380",
"@id": "CVE-2006-3380",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/20875",
"@id": "SA20875",
"@source": "SECUNIA"
},
{
"#text": "http://www.frsirt.com/english/advisories/2006/2644",
"@id": "FrSIRT/ADV-2006-2644",
"@source": "FRSIRT"
},
{
"#text": "http://www.osvdb.org/26975",
"@id": "26975",
"@source": "OSVDB"
}
],
"title": "Wiki clone products vulnerable to denial of service attacks"
}