Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediawiki mediawiki vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2012-4381
MediaWiki prior to 1.18.5, and 1.19.x prior to 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent malicious users to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the st...
Mediawiki Mediawiki
790
VMScore
CVE-2017-0372
Parameters injection in the SyntaxHighlight extension of Mediawiki prior to 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.
Mediawiki Mediawiki 1.27.1
Mediawiki Mediawiki 1.28.0
Mediawiki Mediawiki
Mediawiki Mediawiki 1.27.2
Mediawiki Mediawiki 1.27.0
Mediawiki Mediawiki 1.28.1
Debian Debian Linux 9.0
Debian Debian Linux 7.0
755
VMScore
CVE-2004-1405
MediaWiki 1.3.8 and previous versions, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote malicious users to upload and execute arbitrary code.
Mediawiki Mediawiki 1.3.11
Mediawiki Mediawiki 1.3.2
Mediawiki Mediawiki 1.3
Mediawiki Mediawiki 1.3.0
Mediawiki Mediawiki 1.3.5
Mediawiki Mediawiki 1.3.6
Mediawiki Mediawiki 1.3.3
Mediawiki Mediawiki 1.3.4
Mediawiki Mediawiki 1.3.1
Mediawiki Mediawiki 1.3.10
Mediawiki Mediawiki 1.3.7
Mediawiki Mediawiki 1.3.8
1 EDB exploit
668
VMScore
CVE-2022-29904
The SemanticDrilldown extension for MediaWiki up to and including 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints.
Mediawiki Mediawiki
668
VMScore
CVE-2022-29906
The admin API module in the QuizGame extension for MediaWiki up to and including 1.37.2 (prior to 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user.
Mediawiki Mediawiki
668
VMScore
CVE-2022-28209
An issue exists in Mediawiki up to and including 1.37.1. The check for the override-antispoof permission in the AntiSpoof extension is incorrect.
Mediawiki Mediawiki
668
VMScore
CVE-2022-28205
An issue exists in MediaWiki up to and including 1.37.1. The CentralAuth extension mishandles a ttl issue for groups expiring in the future.
Mediawiki Mediawiki
668
VMScore
CVE-2022-28206
An issue exists in MediaWiki up to and including 1.37.1. ImportPlanValidator.php in the FileImporter extension mishandles the check for edit rights.
Mediawiki Mediawiki
668
VMScore
CVE-2021-31556
An issue exists in the Oauth extension for MediaWiki up to and including 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob.
Mediawiki Mediawiki
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
668
VMScore
CVE-2021-37558
A SQL injection vulnerability in a MediaWiki script in Centreon prior to 20.04.14, 20.10.8, and 21.04.2 allows remote unauthenticated malicious users to execute arbitrary SQL commands via the host_name and service_description parameters. The vulnerability can be exploited only wh...
Centreon Centreon
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »