Medium Published: Mar 30, 2009 Modified: Apr 09, 2025

CVE-2008-6548

5 CVSS Score Medium

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Export CVE-2008-6548 Data:

Link copied!

Description

The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors.

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Confidentiality P

Integrity None

Availability None

Affected Software Configurations

a moinmo moinmoin 1.6.1 * * * * * * *

Weaknesses (CWE)

CWE-862

References & External Links

http://hg.moinmo.in/moin/1.6/rev/35ff7a9b1546
http://moinmo.in/SecurityFixes
http://osvdb.org/48877
http://hg.moinmo.in/moin/1.6/rev/35ff7a9b1546
http://moinmo.in/SecurityFixes
http://osvdb.org/48877

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

CVE History Timeline

Mar 30, 2009 14:45 Initial Analysis

Feb 02, 2024 02:17 Reanalysis

May 14, 2024 02:01 CVE Modified

Nov 21, 2024 00:56 CVE Modified

← Back to CVE Tracker