NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:foswiki:foswiki:1.1.4:-:*:*:*:*:*:*
CPE Name Search: true

There are 5 matching records.

Displaying matches 1 through 5.

Vuln ID	Summary	CVSS Severity
CVE-2023-33756	An issue in the SpreadSheetPlugin component of Foswiki v2.1.7 and below allows attackers to execute a directory traversal. Published: August 08, 2023; 11:15:10 AM -0400	V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available)
CVE-2013-1666	Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro. Published: November 01, 2019; 1:15:10 PM -0400	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 6.8 MEDIUM
CVE-2012-6330	The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro. Published: January 04, 2013; 4:55:01 PM -0500	V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM
CVE-2012-1004	Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationName, (5) OrganisationUrl, (6) Profession, (7) Country, (8) State, (9) Address, (10) Location, (11) Telephone, (12) VoIP, (13) InstantMessagingIM, (14) Email, (15) HomePage, or (16) Comment parameter. NOTE: some of these details are obtained from third party information. Published: February 07, 2012; 11:11:31 PM -0500	V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW
CVE-2009-4853	Multiple cross-site scripting (XSS) vulnerabilities in JumpBox before 1.1.2 for Foswiki Wiki System allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: May 07, 2010; 2:30:01 PM -0400	V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM