Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 up to and including 1.19.6 and 1.20.x prior to 1.20.6 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawiki 1.19.5 |
||
mediawiki mediawiki 1.19.6 |
||
mediawiki mediawiki 1.20.5 |
||
mediawiki mediawiki 1.19 |
||
mediawiki mediawiki 1.19.0 |
||
mediawiki mediawiki 1.20.1 |
||
mediawiki mediawiki 1.20.3 |
||
mediawiki mediawiki 1.19.1 |
||
mediawiki mediawiki 1.19.3 |
||
mediawiki mediawiki 1.20.2 |
||
mediawiki mediawiki 1.20.4 |
||
mediawiki mediawiki 1.19.2 |
||
mediawiki mediawiki 1.19.4 |