Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abusefilter vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-16528
An issue exists in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows malicious users to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33.
Mediawiki Abusefilter 1.32
Mediawiki Abusefilter 1.33
445
VMScore
CVE-2019-18987
An issue exists in the AbuseFilter extension up to and including 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter...
Mediawiki Abusefilter
445
VMScore
CVE-2019-18612
An issue exists in the AbuseFilter extension up to and including 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged users, thus disclosing potentially sensitive information.
Mediawiki Abusefilter
356
VMScore
CVE-2021-31547
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules.
Mediawiki Mediawiki
356
VMScore
CVE-2021-31548
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed.
Mediawiki Mediawiki
356
VMScore
CVE-2021-31546
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data.
Mediawiki Mediawiki
445
VMScore
CVE-2021-31545
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. The page_recent_contributors leaked the existence of certain deleted MediaWiki usernames, related to rev_deleted.
356
VMScore
CVE-2021-31549
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. The Special:AbuseFilter/examine form allowed for the disclosure of suppressed MediaWiki usernames to unprivileged users.
NA
CVE-2023-37301
An issue exists in SubmitEntityAction in Wikibase in MediaWiki up to and including 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur.
Mediawiki Mediawiki
490
VMScore
CVE-2021-31554
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. It improperly handled account blocks for certain automatically created MediaWiki user accounts, thus allowing nefarious users to remain unblocked.
Mediawiki Mediawiki
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »