Search criteria
9 vulnerabilities found for mozilowiki by mozilo
FKIE_CVE-2008-6129
Vulnerability from fkie_nvd - Published: 2009-02-13 18:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilo | mozilowiki | * | |
| mozilo | mozilowiki | 0.7 | |
| mozilo | mozilowiki | 0.8 | |
| mozilo | mozilowiki | 0.9 | |
| mozilo | mozilowiki | 0.10 | |
| mozilo | mozilowiki | 1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC5BD93-E47A-4F88-853C-24D171404F23",
"versionEndIncluding": "1.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A602EEA0-013E-4E3D-A904-97632DDD2DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "54A8E85E-3A1C-4035-8DAE-290E3510AE9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "089CA3DE-0AA3-4F07-B262-84FF0724F49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "43CDFD22-4C42-4AE4-BFF4-CCD2E63B2E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5296C472-7DF6-4C1C-A695-451A5DA98F42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en print.php en moziloWiki v1.0.1 y versiones anteriores permite a atacantes remotos leer ficheros de su elecci\u00f3n utilizando los caracteres .. (punto punto) en el par\u00e1metro \"page\"."
}
],
"id": "CVE-2008-6129",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-02-13T18:30:04.610",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32024"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"source": "cve@mitre.org",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31493"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45523"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-6130
Vulnerability from fkie_nvd - Published: 2009-02-13 18:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilo | mozilowiki | * | |
| mozilo | mozilowiki | 0.7 | |
| mozilo | mozilowiki | 0.8 | |
| mozilo | mozilowiki | 0.9 | |
| mozilo | mozilowiki | 0.10 | |
| mozilo | mozilowiki | 1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC5BD93-E47A-4F88-853C-24D171404F23",
"versionEndIncluding": "1.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A602EEA0-013E-4E3D-A904-97632DDD2DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "54A8E85E-3A1C-4035-8DAE-290E3510AE9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "089CA3DE-0AA3-4F07-B262-84FF0724F49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "43CDFD22-4C42-4AE4-BFF4-CCD2E63B2E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5296C472-7DF6-4C1C-A695-451A5DA98F42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en index.php en moziloWiki v1.0.1 y versiones anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante los par\u00e1metros (1) \"action\" y (2) \"page\"."
}
],
"id": "CVE-2008-6130",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-02-13T18:30:04.627",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32024"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"source": "cve@mitre.org",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31493"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45527"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-6131
Vulnerability from fkie_nvd - Published: 2009-02-13 18:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilo | mozilowiki | * | |
| mozilo | mozilowiki | 0.7 | |
| mozilo | mozilowiki | 0.8 | |
| mozilo | mozilowiki | 0.9 | |
| mozilo | mozilowiki | 0.10 | |
| mozilo | mozilowiki | 1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC5BD93-E47A-4F88-853C-24D171404F23",
"versionEndIncluding": "1.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A602EEA0-013E-4E3D-A904-97632DDD2DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "54A8E85E-3A1C-4035-8DAE-290E3510AE9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "089CA3DE-0AA3-4F07-B262-84FF0724F49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "43CDFD22-4C42-4AE4-BFF4-CCD2E63B2E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilo:mozilowiki:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5296C472-7DF6-4C1C-A695-451A5DA98F42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de fijaci\u00f3n de identificador de sesi\u00f3n en moziloWiki v1.0.1 y versiones anteriores permite a atacantes remotos robar sesiones web al prefijar el par\u00e1metro \"PHPSESSID\"."
}
],
"id": "CVE-2008-6131",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-02-13T18:30:04.657",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32024"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"source": "cve@mitre.org",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31493"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45528"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-6131 (GCVE-0-2008-6131)
Vulnerability from cvelistv5 – Published: 2009-02-13 18:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.220Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "mozilowiki-phpsessid-session-hijacking(45528)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45528"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32024"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "mozilowiki-phpsessid-session-hijacking(45528)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45528"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32024"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "mozilowiki-phpsessid-session-hijacking(45528)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45528"
},
{
"name": "http://wiki.mozilo.de/index.php?page=Changelog",
"refsource": "CONFIRM",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32024"
},
{
"name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56",
"refsource": "MISC",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6131",
"datePublished": "2009-02-13T18:00:00",
"dateReserved": "2009-02-13T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6130 (GCVE-0-2008-6130)
Vulnerability from cvelistv5 – Published: 2009-02-13 18:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32024"
},
{
"name": "mozilowiki-index-xss(45527)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45527"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32024"
},
{
"name": "mozilowiki-index-xss(45527)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45527"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "http://wiki.mozilo.de/index.php?page=Changelog",
"refsource": "CONFIRM",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32024"
},
{
"name": "mozilowiki-index-xss(45527)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45527"
},
{
"name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56",
"refsource": "MISC",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6130",
"datePublished": "2009-02-13T18:00:00",
"dateReserved": "2009-02-13T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6129 (GCVE-0-2008-6129)
Vulnerability from cvelistv5 – Published: 2009-02-13 18:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32024"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "mozilowiki-print-directory-traversal(45523)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45523"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32024"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "mozilowiki-print-directory-traversal(45523)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45523"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "http://wiki.mozilo.de/index.php?page=Changelog",
"refsource": "CONFIRM",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32024"
},
{
"name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56",
"refsource": "MISC",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "mozilowiki-print-directory-traversal(45523)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45523"
},
{
"name": "31493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6129",
"datePublished": "2009-02-13T18:00:00",
"dateReserved": "2009-02-13T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6131 (GCVE-0-2008-6131)
Vulnerability from nvd – Published: 2009-02-13 18:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.220Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "mozilowiki-phpsessid-session-hijacking(45528)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45528"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32024"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "mozilowiki-phpsessid-session-hijacking(45528)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45528"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32024"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "mozilowiki-phpsessid-session-hijacking(45528)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45528"
},
{
"name": "http://wiki.mozilo.de/index.php?page=Changelog",
"refsource": "CONFIRM",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32024"
},
{
"name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56",
"refsource": "MISC",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6131",
"datePublished": "2009-02-13T18:00:00",
"dateReserved": "2009-02-13T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6130 (GCVE-0-2008-6130)
Vulnerability from nvd – Published: 2009-02-13 18:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32024"
},
{
"name": "mozilowiki-index-xss(45527)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45527"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32024"
},
{
"name": "mozilowiki-index-xss(45527)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45527"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "http://wiki.mozilo.de/index.php?page=Changelog",
"refsource": "CONFIRM",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32024"
},
{
"name": "mozilowiki-index-xss(45527)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45527"
},
{
"name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56",
"refsource": "MISC",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "31493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6130",
"datePublished": "2009-02-13T18:00:00",
"dateReserved": "2009-02-13T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6129 (GCVE-0-2008-6129)
Vulnerability from nvd – Published: 2009-02-13 18:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32024"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "mozilowiki-print-directory-traversal(45523)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45523"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32024"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "mozilowiki-print-directory-traversal(45523)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45523"
},
{
"name": "31493",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122278832621348\u0026w=2"
},
{
"name": "http://wiki.mozilo.de/index.php?page=Changelog",
"refsource": "CONFIRM",
"url": "http://wiki.mozilo.de/index.php?page=Changelog"
},
{
"name": "32024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32024"
},
{
"name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56",
"refsource": "MISC",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls56"
},
{
"name": "mozilowiki-print-directory-traversal(45523)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45523"
},
{
"name": "31493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6129",
"datePublished": "2009-02-13T18:00:00",
"dateReserved": "2009-02-13T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}