Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediawiki mediawiki vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-5242
Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x prior to 1.22.9 and 1.23.x prior to 1.23.2 allows remote malicious users to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction w...
Mediawiki Mediawiki 1.23.0
Mediawiki Mediawiki 1.22.8
Mediawiki Mediawiki 1.22.6
Mediawiki Mediawiki 1.22.0
Mediawiki Mediawiki 1.22.5
Mediawiki Mediawiki 1.23.1
Mediawiki Mediawiki 1.22.7
Mediawiki Mediawiki 1.22.3
Mediawiki Mediawiki 1.22.2
Mediawiki Mediawiki 1.22.1
Mediawiki Mediawiki 1.22.4
4.3
CVSSv2
CVE-2007-4828
Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 up to and including 1.8.4, 1.9.0 up to and including 1.9.3, 1.10.0 up to and including 1.10.1, and the 1.11 development versions prior to 1.11.0 allows remote malicious users to inject arb...
Mediawiki Mediawiki 1.8.2
Mediawiki Mediawiki 1.11 Development
Mediawiki Mediawiki 1.9.3
Mediawiki Mediawiki 1.8.0
Mediawiki Mediawiki 1.9.2
Mediawiki Mediawiki 1.9.1
Mediawiki Mediawiki 1.10.1
Mediawiki Mediawiki 1.8.3
Mediawiki Mediawiki 1.8.4
Mediawiki Mediawiki 1.8.1
Mediawiki Mediawiki 1.9.0
Mediawiki Mediawiki 1.10.0
4.3
CVSSv2
CVE-2005-3167
Incomplete blacklist vulnerability in MediaWiki prior to 1.4.11 does not properly remove certain CSS inputs (HTML inline style attributes) that are processed as active content by Internet Explorer, which allows remote malicious users to conduct cross-site scripting (XSS) attacks.
Mediawiki Mediawiki 1.4.1
Mediawiki Mediawiki 1.4.8
Mediawiki Mediawiki 1.4.9
Mediawiki Mediawiki 1.4.3
Mediawiki Mediawiki 1.4.2
Mediawiki Mediawiki 1.4 Beta6
Mediawiki Mediawiki 1.4 Beta3
Mediawiki Mediawiki 1.4 Beta4
Mediawiki Mediawiki 1.4.5
Mediawiki Mediawiki 1.4 Beta1
Mediawiki Mediawiki 1.4.6
Mediawiki Mediawiki 1.4.10
Mediawiki Mediawiki 1.4 Beta2
Mediawiki Mediawiki 1.4 Beta5
Mediawiki Mediawiki 1.4.7
5
CVSSv2
CVE-2008-5687
MediaWiki 1.11, and other versions prior to 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote malicious users to obtain sensitive information via requests for files in images/deleted/.
Mediawiki Mediawiki 1.12.1
Mediawiki Mediawiki 1.13.0
Mediawiki Mediawiki 1.12.3
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.11.2
Mediawiki Mediawiki 1.11
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.13.2
Mediawiki Mediawiki 1.11.1
Mediawiki Mediawiki 1.12.2
4.3
CVSSv2
CVE-2005-1888
Cross-site scripting (XSS) vulnerability in MediaWiki prior to 1.4.5 allows remote malicious users to inject arbitrary web script via HTML attributes in page templates.
Mediawiki Mediawiki 1.3.5
Mediawiki Mediawiki 1.3.6
Mediawiki Mediawiki 1.4 Beta3
Mediawiki Mediawiki 1.3
Mediawiki Mediawiki 1.3.10
Mediawiki Mediawiki 1.3.4
Mediawiki Mediawiki Stable 2003-11-07
Mediawiki Mediawiki 1.3.9
Mediawiki Mediawiki 1.4 Beta4
Mediawiki Mediawiki Stable 2003-08-29
Mediawiki Mediawiki Stable 2003-11-17
Mediawiki Mediawiki 1.4 Beta1
Mediawiki Mediawiki 1.3.3
Mediawiki Mediawiki 1.3.1
Mediawiki Mediawiki 1.3.7
Mediawiki Mediawiki 1.3.11
Mediawiki Mediawiki 1.3.8
Mediawiki Mediawiki 1.3.2
Mediawiki Mediawiki 1.4 Beta2
Mediawiki Mediawiki 1.4 Beta5
7.5
CVSSv2
CVE-2005-0535
Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x prior to 1.3.11 and 1.4 beta prior to 1.4 rc1 allows remote malicious users to perform unauthorized actions as authenticated MediaWiki users.
Mediawiki Mediawiki 1.3.5
Mediawiki Mediawiki 1.3.6
Mediawiki Mediawiki 1.3
Mediawiki Mediawiki 1.3.10
Mediawiki Mediawiki 1.3.4
Mediawiki Mediawiki 1.3.9
Mediawiki Mediawiki 1.3.3
Mediawiki Mediawiki 1.3.1
Mediawiki Mediawiki 1.3.7
Mediawiki Mediawiki 1.3.8
Mediawiki Mediawiki 1.3.2
Gentoo Linux
4.3
CVSSv2
CVE-2005-3165
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki prior to 1.4.9 allow remote malicious users to inject arbitrary web script or HTML via (1) <math> tags or (2) Extension or <nowiki> sections that "bypass HTML style attribute restrictions" that...
Mediawiki Mediawiki 1.4.1
Mediawiki Mediawiki 1.4.8
Mediawiki Mediawiki 1.4.3
Mediawiki Mediawiki 1.4.2
Mediawiki Mediawiki 1.4 Beta6
Mediawiki Mediawiki 1.4 Beta3
Mediawiki Mediawiki 1.4 Beta4
Mediawiki Mediawiki 1.4.5
Mediawiki Mediawiki 1.4 Beta1
Mediawiki Mediawiki 1.4.6
Mediawiki Mediawiki 1.4 Beta2
Mediawiki Mediawiki 1.4 Beta5
Mediawiki Mediawiki 1.4.7
4
CVSSv2
CVE-2015-8004
MediaWiki prior to 1.23.11, 1.24.x prior to 1.24.4, and 1.25.x prior to 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which ret...
Mediawiki Mediawiki 1.24.2
Mediawiki Mediawiki 1.24.3
Mediawiki Mediawiki
Mediawiki Mediawiki 1.24.0
Mediawiki Mediawiki 1.24.1
Mediawiki Mediawiki 1.25.2
Mediawiki Mediawiki 1.25.1
Mediawiki Mediawiki 1.25.0
5
CVSSv2
CVE-2015-8005
MediaWiki prior to 1.23.11, 1.24.x prior to 1.24.4, and 1.25.x prior to 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote malicious users to obtain the installation path by reading the metadata of a PNG thumbnail file.
Mediawiki Mediawiki 1.24.2
Mediawiki Mediawiki 1.24.3
Mediawiki Mediawiki
Mediawiki Mediawiki 1.24.0
Mediawiki Mediawiki 1.24.1
Mediawiki Mediawiki 1.25.2
Mediawiki Mediawiki 1.25.1
Mediawiki Mediawiki 1.25.0
6.8
CVSSv2
CVE-2015-8002
The chunked upload API (ApiUpload) in MediaWiki prior to 1.23.11, 1.24.x prior to 1.24.4, and 1.25.x prior to 1.25.3 allows remote authenticated users to cause a denial of service (disk consumption) via a file upload using one byte chunks.
Mediawiki Mediawiki 1.24.2
Mediawiki Mediawiki 1.24.3
Mediawiki Mediawiki
Mediawiki Mediawiki 1.24.0
Mediawiki Mediawiki 1.24.1
Mediawiki Mediawiki 1.25.2
Mediawiki Mediawiki 1.25.1
Mediawiki Mediawiki 1.25.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »