The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2020-15362 | wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code. | HIGH | Jul 6, 2020 |
| CVE-2022-33106 | WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over. | -- | Oct 14, 2022 |
| CVE-2023-5544 | Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. | -- | Nov 9, 2023 |
| CVE-2008-1579 | Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog. | Medium | Jun 12, 2008 |
| CVE-2010-0523 | Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types of uploaded files, which allows remote attackers to obtain sensitive information or possibly have unspecified other impact via a crafted file, as demonstrated by a Java applet. | Medium | Mar 31, 2010 |
| CVE-2010-0534 | Wiki Server in Apple Mac OS X 10.6 before 10.6.3 does not enforce the service access control list (SACL) for weblogs during weblog creation, which allows remote authenticated users to publish content via HTTP requests. | MEDIUM | Mar 31, 2010 |
| CVE-2015-1151 | Wiki Server in Apple OS X Server before 4.1 allows remote attackers to bypass intended restrictions on Activity and People pages by connecting from an iPad client. | Medium | Apr 29, 2015 |
| CVE-2016-1787 | Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors. | MEDIUM | Mar 25, 2016 |
| CVE-2021-21383 | Wiki.js an open-source wiki app built on Node.js. Wiki.js before version 2.5.191 is vulnerable to stored cross-site scripting through mustache expressions in code blocks. This vulnerability exists due to mustache expressions being parsed by Vue during content injection even though it is contained within a `<pre>` element. By creating a crafted wiki page, a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the page is viewed by other users. For an example see referenced GitHub Security Advisory. Commit 5ffa189383dd716f12b56b8cae2ba0d075996cf1 fixes this vulnerability by adding the v-pre directive to all `<pre>` tags during the render. | LOW | Mar 18, 2021 |
| CVE-2022-23654 | Wiki.js is a wiki app built on Node.js. In affected versions an authenticated user with write access on a restricted set of paths can update a page outside the allowed paths by specifying a different target page ID while keeping the path intact. The access control incorrectly check the path access against the user-provided values instead of the actual path associated to the page ID. Commit https://github.com/Requarks/wiki/commit/411802ec2f654bb5ed1126c307575b81e2361c6b fixes this vulnerability by checking access control on the path associated with the page ID instead of the user-provided value. When the path is different than the current value, a second access control check is then performed on the user-provided path before the move operation. | LOW | Feb 24, 2022 |
| CVE-2021-43800 | Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by crafting a special URL that allows for directory traversal. This is only possible on a Wiki.js server running on Windows, when a storage module implementing local asset cache (e.g Local File System or Git) is enabled and that no web application firewall solution (e.g. cloudflare) strips potentially malicious URLs. Commit number 414033de9dff66a327e3f3243234852f468a9d85 fixes this vulnerability by sanitizing the path before it is passed on to the storage module. The sanitization step removes any windows directory traversal sequences from the path. As a workaround, disable any storage module with local asset caching capabilities (Local File System, Git). | MEDIUM | Dec 8, 2021 |
| CVE-2021-43855 | Wiki.js is a wiki app built on node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through a SVG file upload made via a custom request with a fake MIME type. By creating a crafted SVG file, a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the SVG is viewed directly by other users. Scripts do not execute when loaded inside a page via normal `<img>` tags. The malicious SVG can only be uploaded by crafting a custom request to the server with a fake MIME type. A patch in version 2.5.264 fixes this vulnerability by adding an additional file extension verification check to the optional (enabled by default) SVG sanitization step to all file uploads that match the SVG mime type. As a workaround, disable file upload for all non-trusted users. | LOW | Dec 27, 2021 |
| CVE-2021-43856 | Wiki.js is a wiki app built on Node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through non-image file uploads for file types that can be viewed directly inline in the browser. By creating a malicious file which can execute inline JS when viewed in the browser (e.g. XML files), a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the file is viewed directly by other users. The file must be opened directly by the user and will not trigger directly in a normal Wiki.js page. A patch in version 2.5.264 fixes this vulnerability by adding an optional (enabled by default) force download flag to all non-image file types, preventing the file from being viewed inline in the browser. As a workaround, disable file upload for all non-trusted users. --- Thanks to @Haxatron for reporting this vulnerability. Initially reported via https://huntr.dev/bounties/266bff09-00d9-43ca-a4bb-bb540642811f/ | LOW | Dec 27, 2021 |
| CVE-2021-43842 | Wiki.js is a wiki app built on Node.js. Wiki.js versions 2.5.257 and earlier are vulnerable to stored cross-site scripting through a SVG file upload. By creating a crafted SVG file, a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the SVG is viewed directly by other users. Scripts do not execute when loaded inside a page via normal `<img>` tags. Commit 5d3e81496fba1f0fbd64eeb855f30f69a9040718 fixes this vulnerability by adding an optional (enabled by default) SVG sanitization step to all file uploads that match the SVG mime type. As a workaround, disable file upload for all non-trusted users. Wiki.js version 2.5.260 is the first production version to contain a patch. Version 2.5.258 is the first development build to contain a patch and is available only as a Docker image as requarks/wiki:canary-2.5.258. | -- | Dec 21, 2021 |
| CVE-2019-16917 | WiKID Enterprise 2FA (two factor authentication) Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function. | MEDIUM | Oct 22, 2019 |
| CVE-2018-18075 | WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or num_records parameter, or the index.php?action=search select_sort parameter. | HIGH | Oct 9, 2018 |
| CVE-2024-25107 | WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the `Language::date` function is used when making the human-readable timestamp for inclusion on the wiki_creation column. This function uses interface messages to translate the names of months and days. It uses the `->text()` output mode, returning unescaped interface messages. Since the output is not escaped later, the unescaped interface message is included on the output, resulting in an XSS vulnerability. Exploiting this on-wiki requires the `(editinterface)` right. This vulnerability has been addressed in commit `267e763a0`. Users are advised to update their installations. There are no known workarounds for this vulnerability. | -- | Feb 9, 2024 |
| CVE-2022-23375 | WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php. | MEDIUM | Feb 19, 2022 |
| CVE-2022-23376 | WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages. | MEDIUM | Feb 19, 2022 |
| CVE-2019-12474 | Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | MEDIUM | Jul 11, 2019 |
| CVE-2019-12473 | Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | MEDIUM | Jul 16, 2019 |
| CVE-2019-12471 | Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on users loading that script. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | MEDIUM | Jul 16, 2019 |
| CVE-2019-12466 | Wikimedia MediaWiki through 1.32.1 allows CSRF. | MEDIUM | Jul 11, 2019 |
| CVE-2019-12470 | Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed log in RevisionDelete page is exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | MEDIUM | Jul 16, 2019 |
| CVE-2020-36324 | Wikimedia Quarry analytics-quarry-web before 2020-12-15 allows Reflected XSS because app.py does not explicitly set the application/json content type. | MEDIUM | Apr 21, 2021 |
| CVE-2022-36080 | Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, an attacker could capture user\'s session cookies or execute malicious Javascript when a victim edits a markdown file. Version 1.7.1 fixes this issue. | -- | Sep 12, 2022 |
| CVE-2022-36081 | Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing `/list/<path:folderpath>` and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue. | -- | Sep 12, 2022 |
| CVE-2018-10862 | WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the \'Zip Slip\' vulnerability. | MEDIUM | Jul 28, 2018 |
| CVE-2022-3143 | wildfly-elytron: possible timing attacks via use of unsafe comparator. A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user. | -- | Jan 13, 2023 |
| CVE-2022-47635 | Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23 allows Server-side request forgery (SSRF) via ZohoClient.php. | -- | Dec 21, 2022 |
| CVE-2017-3216 | WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request. | HIGH | Jun 19, 2017 |
| CVE-2008-4986 | wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/env#####, (b) /tmp/sed#####, and (c) /tmp/referer-home.log temporary files, related to the (1) coqweb and (2) account.sh scripts. | Medium | Nov 6, 2008 |
| CVE-2022-23922 | WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the Program Announcer directory and elevate permissions whenever the program is executed. | MEDIUM | Feb 25, 2022 |
| CVE-2022-23104 | WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the program Operator Workspace directory, which holds DLL files and executables. A low-privilege attacker could write a malicious DLL file to the Operator Workspace directory to achieve privilege escalation and the permissions of the user running the program. | MEDIUM | Feb 25, 2022 |
| CVE-2008-6118 | win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1. | High | Feb 12, 2009 |
| CVE-2022-24485 | Win32 File Enumeration Remote Code Execution Vulnerability | MEDIUM | Apr 15, 2022 |
| CVE-2022-24508 | Win32 File Enumeration Remote Code Execution Vulnerability | MEDIUM | Mar 9, 2022 |
| CVE-2022-24534 | Win32 Stream Enumeration Remote Code Execution Vulnerability | MEDIUM | Apr 15, 2022 |
| CVE-2022-21983 | Win32 Stream Enumeration Remote Code Execution Vulnerability | MEDIUM | Apr 15, 2022 |
| CVE-2024-30038 | Win32k Elevation of Privilege Vulnerability | -- | May 14, 2024 |
| CVE-2024-30030 | Win32k Elevation of Privilege Vulnerability | -- | May 14, 2024 |
| CVE-2024-30028 | Win32k Elevation of Privilege Vulnerability | -- | May 14, 2024 |
| CVE-2024-26241 | Win32k Elevation of Privilege Vulnerability | -- | Apr 9, 2024 |
| CVE-2024-21346 | Win32k Elevation of Privilege Vulnerability | -- | Feb 13, 2024 |
| CVE-2024-20686 | Win32k Elevation of Privilege Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20683 | Win32k Elevation of Privilege Vulnerability | -- | Jan 9, 2024 |
| CVE-2023-36011 | Win32k Elevation of Privilege Vulnerability | -- | Dec 12, 2023 |
| CVE-2023-35631 | Win32k Elevation of Privilege Vulnerability | -- | Dec 12, 2023 |
| CVE-2023-41772 | Win32k Elevation of Privilege Vulnerability | -- | Oct 10, 2023 |
| CVE-2023-36776 | Win32k Elevation of Privilege Vulnerability | -- | Oct 10, 2023 |
