Path Traversal in Moinmo Moinmoin

CVE-2012-6495

Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbit…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.099 (93.1th percentile) — read the EPSS interpretation.

Affected products

Moinmo Moinmoin — versions 0.1, 0.2, 0.3
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM, Exploit, Patch)
DSA-2593 (vendor-advisory, x_refsource_DEBIAN)
cve@mitre.org (x_refsource_MISC)
[oss-security] 20121229 CVE request: MoinMoin Wiki (remote code execution vulnerability) (mailing-list, x_refsource_MLIST)
[oss-security] 20121229 Re: CVE request: MoinMoin Wiki (remote code execution vulnerability) (mailing-list, x_refsource_MLIST)
51696 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
USN-1680-1 (x_refsource_UBUNTU, vendor-advisory)