Known Vulnerabilities for products from Ikiwiki
Listed below are 18 of the newest known vulnerabilities associated with the vendor "Ikiwiki".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-9187 json | ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also i... | 7.5 - HIGH | 2019-06-05 | 2019-07-17 |
| CVE-2017-0356 json | A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilde... | 9.8 - CRITICAL | 2018-04-13 | 2018-05-18 |
| CVE-2016-10026 json | ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and ... | Not Provided | 2017-02-13 | 2025-04-20 |
| CVE-2016-9646 json | ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bu... | 5.3 - MEDIUM | 2018-04-13 | 2018-05-18 |
| CVE-2016-9645 json | The fix for ikiwiki for CVE-2016-10026 was incomplete resulting in editing restriction bypass for git revert when using git v... | 6.5 - MEDIUM | 2018-04-10 | 2018-05-22 |
| CVE-2016-4561 json | Cross-site scripting (XSS) vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote a... | Not Provided | 2016-05-10 | 2026-05-06 |
| CVE-2015-2793 json | Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attacke... | 6.1 - MEDIUM | 2019-11-21 | 2023-11-07 |
| CVE-2012-0220 json | Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki before 3.20120516 allow re... | Not Provided | 2012-05-29 | 2026-04-29 |
| CVE-2011-1408 json | ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks. | 8.2 - HIGH | 2019-10-29 | 2020-08-18 |
| CVE-2011-1401 json | ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta styles... | Not Provided | 2011-04-11 | 2026-04-29 |
| CVE-2011-0428 json | Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to in... | 6.1 - MEDIUM | 2019-10-29 | 2019-11-01 |
| CVE-2010-1673 json | A cross-site scripting (XSS) vulnerability in ikiwiki before 3.20101112 allows remote attackers to inject arbitrary web scrip... | 6.1 - MEDIUM | 2019-10-30 | 2019-10-31 |
| CVE-2010-1195 json | Cross-site scripting (XSS) vulnerability in the htmlscrubber component in ikiwiki 2.x before 2.53.5 and 3.x before 3.20100312... | Not Provided | 2010-03-31 | 2026-04-29 |
| CVE-2009-2944 json | Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-depe... | Not Provided | 2009-08-31 | 2026-04-23 |
| CVE-2008-0809 json | Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbit... | Not Provided | 2008-02-19 | 2026-04-23 |
| CVE-2008-0808 json | Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitr... | Not Provided | 2008-02-19 | 2026-04-23 |
| CVE-2008-0169 json | Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentic... | Not Provided | 2008-06-03 | 2026-04-23 |
| CVE-2008-0165 json | Cross-site request forgery (CSRF) vulnerability in Ikiwiki before 2.42 allows remote attackers to modify user preferences, in... | Not Provided | 2008-04-21 | 2026-04-23 |
Known software with vulnerabilities from Ikiwiki
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Ikiwiki | Ikiwiki | 1.0 |