Total
317 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-2942 | 1 Mediawiki | 1 Mediawiki | 2016-12-07 | 7.1 HIGH | N/A |
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an (1) SVG file or (2) XMP metadata in a PDF file, aka a "billion laughs attack," a different vulnerability than CVE-2015-2937. | |||||
CVE-2015-2936 | 1 Mediawiki | 1 Mediawiki | 2016-12-07 | 7.1 HIGH | N/A |
MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password. | |||||
CVE-2015-2935 | 1 Mediawiki | 1 Mediawiki | 2016-12-07 | 5.0 MEDIUM | N/A |
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to bypass the SVG filtering and obtain sensitive user information via a mixed case @import in a style element in an SVG file, as demonstrated by "@imporT." | |||||
CVE-2015-2934 | 1 Mediawiki | 1 Mediawiki | 2016-12-07 | 4.3 MEDIUM | N/A |
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 does not properly handle when the Zend interpreter xml_parse function does not expand entities, which allows remote attackers to inject arbitrary web script or HTML via a crafted SVG file. | |||||
CVE-2015-2933 | 1 Mediawiki | 1 Mediawiki | 2016-12-07 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Html class in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via a LanguageConverter substitution string when using a language variant. | |||||
CVE-2015-2932 | 1 Mediawiki | 1 Mediawiki | 2016-12-07 | 4.3 MEDIUM | N/A |
Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an animated href XLink element. | |||||
CVE-2015-2931 | 1 Mediawiki | 1 Mediawiki | 2016-12-07 | 4.3 MEDIUM | N/A |
Incomplete blacklist vulnerability in includes/upload/UploadBase.php in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an application/xml MIME type for a nested SVG with a data: URI. | |||||
CVE-2013-2032 | 3 Fedoraproject, Gentoo, Mediawiki | 3 Fedora, Linux, Mediawiki | 2016-10-18 | 5.0 MEDIUM | N/A |
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attackers to bypass the intended restrictions of an extension that only implements one of these blocks. | |||||
CVE-2004-1405 | 1 Mediawiki | 1 Mediawiki | 2016-10-17 | 7.5 HIGH | N/A |
MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code. | |||||
CVE-2014-1610 | 1 Mediawiki | 1 Mediawiki | 2016-05-25 | 6.0 MEDIUM | N/A |
MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the page parameter to includes/media/DjVu.php; (2) the w parameter (aka width field) to thumb.php, which is not properly handled by includes/media/PdfHandler_body.php; and possibly unspecified vectors in (3) includes/media/Bitmap.php and (4) includes/media/ImageHandler.php. | |||||
CVE-2014-2242 | 1 Mediawiki | 1 Mediawiki | 2016-04-04 | 4.3 MEDIUM | N/A |
includes/upload/UploadBase.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x before 1.21.6, and 1.22.x before 1.22.3 does not prevent use of invalid namespaces in SVG files, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an SVG upload, as demonstrated by use of a W3C XHTML namespace in conjunction with an IFRAME element. | |||||
CVE-2015-8002 | 1 Mediawiki | 1 Mediawiki | 2015-11-10 | 6.8 MEDIUM | N/A |
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service (disk consumption) via a file upload using one byte chunks. | |||||
CVE-2015-8004 | 1 Mediawiki | 1 Mediawiki | 2015-11-10 | 4.0 MEDIUM | N/A |
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which returns a valid a change form. | |||||
CVE-2015-8003 | 1 Mediawiki | 1 Mediawiki | 2015-11-10 | 6.8 MEDIUM | N/A |
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads. | |||||
CVE-2015-8001 | 1 Mediawiki | 1 Mediawiki | 2015-11-10 | 3.5 LOW | N/A |
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authenticated users to cause a denial of service via a chunk that exceeds the file size. | |||||
CVE-2015-8005 | 1 Mediawiki | 1 Mediawiki | 2015-11-10 | 5.0 MEDIUM | N/A |
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading the metadata of a PNG thumbnail file. | |||||
CVE-2014-9475 | 1 Mediawiki | 1 Mediawiki | 2015-09-17 | 3.5 LOW | N/A |
Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.19.23, 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before 1.24.1 allows remote authenticated users to inject arbitrary web script or HTML via a wikitext message. | |||||
CVE-2014-9476 | 1 Mediawiki | 1 Mediawiki | 2015-09-17 | 5.0 MEDIUM | N/A |
MediaWiki 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before 1.24.1 allows remote attackers to bypass CORS restrictions in $wgCrossSiteAJAXdomains via a domain that has a partial match to an allowed origin, as demonstrated by "http://en.wikipedia.org.evilsite.example/." | |||||
CVE-2014-2853 | 1 Mediawiki | 1 Mediawiki | 2015-09-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action. | |||||
CVE-2014-5242 | 1 Mediawiki | 1 Mediawiki | 2015-09-08 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value. |