pkg:Debian/ikiwiki

所有已知漏洞

• CRITICAL9.8CVE-2017-0356A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an…
  from 0, < 3.20170111
• HIGH8.2CVE-2011-1408ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks.
  from 0, < 3.20110608
• HIGH7.5CVE-2019-9187ikiwiki - security update
  from 0, < 3.20141016.4+deb8u1
• HIGH7.5CVE-2019-9187ikiwiki - security update
  from 0, < 3.20170111.1
• HIGH7.5CVE-2019-9187ikiwiki - security update
  from 0, < 3.20190228-1
• HIGH7.5CVE-2016-10026ikiwiki - security update
  from 0, < 3.20141016.4
• HIGH7.5CVE-2016-10026ikiwiki - security update
  from 0, < 3.20120629.2+deb7u2
• HIGH7.5CVE-2016-10026ikiwiki - security update
  from 0, < 3.20161219
• MEDIUM6.5CVE-2016-9645The fix for ikiwiki for CVE-2016-10026 was incomplete resulting in editing restriction bypass for git revert when using git versions older…
  from 0, < 3.20161229
• MEDIUM6.1CVE-2015-2793Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject a…
  from 0, < 3.20141016.2
• MEDIUM6.1CVE-2010-1673A cross-site scripting (XSS) vulnerability in ikiwiki before 3.20101112 allows remote attackers to inject arbitrary web script or HTML via…
  from 0, < 3.20101112
• MEDIUM6.1CVE-2011-0428Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient che…
  from 0, < 3.20110122
• MEDIUM6.1CVE-2016-4561ikiwiki - security update
  from 0, < 3.20120629.2+deb7u1
• MEDIUM6.1CVE-2016-4561ikiwiki - security update
  from 0, < 3.20141016.3
• MEDIUM6.1CVE-2016-4561ikiwiki - security update
  from 0, < 3.20160506
• MEDIUM5.3CVE-2016-9646ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2…
  from 0, < 3.20161229
• —CVE-2012-0220ikiwiki - cross-site scripting
  from 0, < 3.20120516
• —CVE-2012-0220ikiwiki - cross-site scripting
  from 0, < 3.20100815.9
• —CVE-2011-1401ikiwiki - missing input validation
  from 0, < 3.20110328
• —CVE-2011-1401ikiwiki - missing input validation
  from 0, < 2.53.6
• —CVE-2010-1195ikiwiki - cross-site scripting
  from 0, < 2.53.5
• —CVE-2010-1195ikiwiki - cross-site scripting
  from 0, < 3.20100312
• —CVE-2009-2944ikiwiki - information disclosure
  from 0, < 3.1415926
• —CVE-2009-2944ikiwiki - information disclosure
  from 0, < 2.53.4
• —CVE-2008-0169Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and log…
  from 0, < 2.48
• —CVE-2008-0165ikiwiki - cross-site request forgery
  from 0, < 1.33.5
• —CVE-2008-0165ikiwiki - cross-site request forgery
  from 0, < 2.42
• —CVE-2008-0809Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbitrary web scrip…
  from 0, < 2.31.1
• —CVE-2008-0808ikiwiki - cross-site scripting
  from 0, < 2.31.1
• —CVE-2008-0808ikiwiki - cross-site scripting
  from 0, < 1.33.4