Vulnonym.org

CVE-2008-1937 - Pursiest Phuking

Description

The user form processing (userform.py) in MoinMoin before 1.6.3 when using ACLs or a non-empty superusers list does not properly manage users which allows remote attackers to gain privileges.

Reference

http://hg.moinmo.in/moin/1.6/rev/f405012e67af http://moinmo.in/SecurityFixes http://www.securityfocus.com/bid/28869 http://secunia.com/advisories/29894 http://security.gentoo.org/glsa/glsa-200805-09.xml http://secunia.com/advisories/30160 http://www.vupen.com/english/advisories/2008/1307/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41909