Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediawiki mediawiki 1.20.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-1818
maintenance/mwdoc-filter.php in MediaWiki prior to 1.20.3 allows remote malicious users to read arbitrary files via unspecified vectors.
Mediawiki Mediawiki
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.20.1
6.8
CVSSv2
CVE-2013-2114
Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 up to and including 1.19.6 and 1.20.x prior to 1.20.6 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension.
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.4
5
CVSSv2
CVE-2013-4301
includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x prior to 1.19.8, 1.20.x prior to 1.20.7, and 1.21.x prior to 1.21.2 allows remote malicious users to obtain sensitive information via a "<" (open angle bracket) character in the lang parameter to w...
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.1
5
CVSSv2
CVE-2013-4302
(1) ApiBlock.php, (2) ApiCreateAccount.php, (3) ApiLogin.php, (4) ApiMain.php, (5) ApiQueryDeletedrevs.php, (6) ApiTokens.php, and (7) ApiUnblock.php in includes/api/ in MediaWiki 1.19.x prior to 1.19.8, 1.20.x prior to 1.20.7, and 1.21.x prior to 1.21.2 allow remote malicious us...
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.7
4.3
CVSSv2
CVE-2013-4307
Multiple cross-site scripting (XSS) vulnerabilities in repo/includes/EntityView.php in the Wikibase extension for MediaWiki 1.19.x prior to 1.19.8, 1.20.x prior to 1.20.7, and 1.21.x prior to 1.21.2 allow (1) remote malicious users to inject arbitrary web script or HTML via a lab...
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.6
7.5
CVSSv2
CVE-2013-4304
The CentralAuth extension for MediaWiki 1.19.x prior to 1.19.8, 1.20.x prior to 1.20.7, and 1.21.x prior to 1.21.2 caches a valid CentralAuthUser object in the centralauth_User cookie even when a user has not successfully logged in, which allows remote malicious users to bypass a...
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.21
Brion Vibber Centralauth Extension -
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.20.5
4.3
CVSSv2
CVE-2013-4569
The CleanChanges extension for MediaWiki prior to 1.19.9, 1.20.x prior to 1.20.8, and 1.21.x prior to 1.21.3, when "Group changes by page in recent changes and watchlist" is enabled, allows remote malicious users to obtain sensitive information (revision-deleted IPs) vi...
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.7
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.21.1
4.3
CVSSv2
CVE-2013-4567
Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki prior to 1.19.9, 1.20.x prior to 1.20.8, and 1.21.x prior to 1.21.3 allows remote malicious users to conduct cross-site scripting (XSS) attacks via a \b (backspace) character in CSS.
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.20.7
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.21.2
4.3
CVSSv2
CVE-2013-4568
Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki prior to 1.19.9, 1.20.x prior to 1.20.8, and 1.21.x prior to 1.21.3 allows remote malicious users to conduct cross-site scripting (XSS) attacks via certain non-ASCII characters in CSS, as demonstrated using va...
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.7
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.4
6.8
CVSSv2
CVE-2012-5394
Cross-site request forgery (CSRF) vulnerability in the CentralAuth extension for MediaWiki prior to 1.19.9, 1.20.x prior to 1.20.8, and 1.21.x prior to 1.21.3 allows remote malicious users to hijack the authentication of users for requests that login via vectors involving image l...
Mediawiki Mediawiki 1.20.7
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »