Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediawiki mediawiki 1.40.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45364
An issue exists in includes/page/Article.php in MediaWiki 1.36.x up to and including 1.39.x prior to 1.39.5 and 1.40.x prior to 1.40.1. Deleted revision existence is leaked due to incorrect permissions being checked. This reveals that a given revision ID belonged to the given pag...
Mediawiki Mediawiki 1.40.0
Mediawiki Mediawiki
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-3550
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance adm...
Mediawiki Mediawiki 1.40.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2023-36674
An issue exists in MediaWiki prior to 1.35.11, 1.36.x up to and including 1.38.x prior to 1.38.7, 1.39.x prior to 1.39.4, and 1.40.x prior to 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.
Mediawiki Mediawiki
Mediawiki Mediawiki 1.40.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2