Lucene search
Veracode Vulnerability DatabaseVERACODE:27853HistoryNov 10, 2020 - 3:43 a.m.
Remote Code Execution
2020-11-1003:43:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
moinmoin
remote code execution
server process
write permissions
attachment upload
malicious code
EPSS
0.014
Percentile
86.9%
moin is vulnerable to remote code execution. An attacker with write permissions is able to upload and execute malicious code via the normal wiki attachment upload functionality in the context of the server process worker by using the vulnerable MoinMoin cache action.
Related
ubuntucve
ubuntucve
CVE-2020-25074
2020-11-09 00:00:00
prion
prion
Directory traversal
2020-11-10 17:15:00
debiancve
debiancve
CVE-2020-25074
2020-11-10 17:15:12
osv
osv
CVE-2020-25074
2020-11-10 17:15:12
PYSEC-2020-67
2020-11-10 17:15:00
remote code execution via cache action in MoinMoin
2020-11-11 15:54:51
github
github
remote code execution via cache action in MoinMoin
2020-11-11 15:54:51
cve
cve
CVE-2020-25074
2020-11-10 17:15:12
cvelist
cvelist
CVE-2020-25074
2020-11-10 16:48:21
nvd
nvd
CVE-2020-25074
2020-11-10 17:15:12
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : MoinMoin vulnerabilities (USN-4629-1)
2020-11-11 00:00:00
Debian DLA-2446-1 : moin security update
2020-11-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4787-1)
2020-11-10 00:00:00
MoinMoin < 1.9.11 Multiple Vulnerabilities - Linux
2020-11-11 00:00:00
Ubuntu: Security Advisory (USN-4629-1)
2020-11-12 00:00:00
ubuntu
ubuntu
MoinMoin vulnerabilities
2020-11-11 00:00:00
suse
suse
Security update for moinmoin-wiki (important)
2020-11-23 00:00:00
Security update for moinmoin-wiki (important)
2020-11-19 00:00:00
debian
debian
[SECURITY] [DSA 4787-1] moin security update
2020-11-09 20:27:35
[SECURITY] [DLA 2446-1] moin security update
2020-11-10 21:43:54
[SECURITY] [DSA 4787-1] moin security update
2020-11-09 20:27:35
freebsd
freebsd
moinmoin -- multiple vulnerabilities
2020-11-08 00:00:00