MediaWiki

Short Name: [None Entered]
Previous Names: [None Entered]
URL: [None Entered]
Email: [None Entered]
Security URL: [None Entered]
Security Email: [None Entered]
Knowledge Base: [None Entered]
Notes: [No Notes]

Vulnerabilities by Vendor Product

MediaWiki

MediaWiki
MediaWiki Watch-list
1.4.5
OSVDB ID: 17107 MediaWiki Page Template Inclusions HTML Attributes XSS
1.16
OSVDB ID: 70272 MediaWiki Multiple Unspecified Function Clickjacking
1.16.1
OSVDB ID: 70799 MediaWiki includes/StubObject.php Language::factory Function Traversal Local File Inclusion
OSVDB ID: 70798 MediaWiki languages/Language.php Language::factory Function Traversal Local File Inclusion
OSVDB ID: 70770 MediaWiki CSS Comments XSS
1.8.0
OSVDB ID: 70799 MediaWiki includes/StubObject.php Language::factory Function Traversal Local File Inclusion
OSVDB ID: 70798 MediaWiki languages/Language.php Language::factory Function Traversal Local File Inclusion
1.17.2
OSVDB ID: 80364 MediaWiki Special:Upload File Upload CSRF
OSVDB ID: 80365 MediaWiki mt_rand() Predictable Password Reset Token Generation
OSVDB ID: 80361 MediaWiki User Blocking Manipulation CSRF
OSVDB ID: 80362 MediaWiki user.tokens Module Access Restriction CSRF Token Disclosure
OSVDB ID: 80363 MediaWiki Page Creation Wikitext Parser XSS
1.18.1
OSVDB ID: 80364 MediaWiki Special:Upload File Upload CSRF
OSVDB ID: 80365 MediaWiki mt_rand() Predictable Password Reset Token Generation
OSVDB ID: 80361 MediaWiki User Blocking Manipulation CSRF
OSVDB ID: 80362 MediaWiki user.tokens Module Access Restriction CSRF Token Disclosure
OSVDB ID: 80363 MediaWiki Page Creation Wikitext Parser XSS
1.18.4
OSVDB ID: 85085 MediaWiki Unspecified CSRF
OSVDB ID: 85106 MediaWiki Local Database External Authentication Plugin Credential Storage Information Disclosure
OSVDB ID: 85103 MediaWiki Non-existing File File: tag Comment XSS
OSVDB ID: 85104 MediaWiki index.php uselang Parameter XSS
1.19.1
OSVDB ID: 85085 MediaWiki Unspecified CSRF
OSVDB ID: 85106 MediaWiki Local Database External Authentication Plugin Credential Storage Information Disclosure
OSVDB ID: 85103 MediaWiki Non-existing File File: tag Comment XSS
OSVDB ID: 85104 MediaWiki index.php uselang Parameter XSS
1.18.4
1.19.1
1.18.4
1.19.1
1.18.4
OSVDB ID: 85105 MediaWiki GlobalBlocking Extension IP Address Block Bypass
1.19.1
OSVDB ID: 85105 MediaWiki GlobalBlocking Extension IP Address Block Bypass
1.18.4
1.19.1
1.18.4
OSVDB ID: 85107 MediaWiki User Block Attempt Handling Block Reason Disclosure
1.19.1
OSVDB ID: 85107 MediaWiki User Block Attempt Handling Block Reason Disclosure
1.18.4
OSVDB ID: 85108 MediaWiki External Authentication Plugin False Strict Function Handling Old Password Authentication Weakness
1.19.1
OSVDB ID: 85108 MediaWiki External Authentication Plugin False Strict Function Handling Old Password Authentication Weakness
1.17.2
OSVDB ID: 85513 MediaWiki wikitext Parser padleft Function Remote DoS
1.18.1
OSVDB ID: 85513 MediaWiki wikitext Parser padleft Function Remote DoS
1.18.5
OSVDB ID: 87927 MediaWiki Special:RecentChanges Page DoS
1.19.2
OSVDB ID: 87927 MediaWiki Special:RecentChanges Page DoS
OSVDB ID: 87928 MediaWiki session_id Termination Session Fixation Weakness
1.20.0
OSVDB ID: 87927 MediaWiki Special:RecentChanges Page DoS
1.18.5
OSVDB ID: 87928 MediaWiki session_id Termination Session Fixation Weakness
1.19.2
1.20.0
OSVDB ID: 87928 MediaWiki session_id Termination Session Fixation Weakness
1.20.0
OSVDB ID: 88195 MediaWiki CentralAuth Extension centralauth_Session Cookie Session Fixation Weakness
1.19.2
OSVDB ID: 88195 MediaWiki CentralAuth Extension centralauth_Session Cookie Session Fixation Weakness
1.18.5
OSVDB ID: 88195 MediaWiki CentralAuth Extension centralauth_Session Cookie Session Fixation Weakness
1.20.0
OSVDB ID: 88196 MediaWiki API editfont Option XSS
1.19.2
OSVDB ID: 88196 MediaWiki API editfont Option XSS
1.18.5
OSVDB ID: 88196 MediaWiki API editfont Option XSS
1.17.1
OSVDB ID: 78260 MediaWiki includes/api/ApiQueryRevisions.php execute() Function Deleted Cached Content Information Disclosure
1.18.0
OSVDB ID: 78260 MediaWiki includes/api/ApiQueryRevisions.php execute() Function Deleted Cached Content Information Disclosure
Unspecified
OSVDB ID: 90591 Apache Batik XML External Entity (XXE) Data Parsing Arbitrary File Disclosure
1.19.3
OSVDB ID: 90891 MediaWiki X.509 Certificate Domain Name Matching MiTM Weakness
OSVDB ID: 90890 MediaWiki User Unblock API Call Handling User Information Disclosure
1.20.2
OSVDB ID: 90891 MediaWiki X.509 Certificate Domain Name Matching MiTM Weakness
OSVDB ID: 90890 MediaWiki User Unblock API Call Handling User Information Disclosure
1.19.3
1.20.2
1.20.2
OSVDB ID: 90902 MediaWiki maintenance/mwdoc-filter.php Arbitrary File Access
1.20.3
OSVDB ID: 92490 MediaWiki SVG Parsing XML External Entity (XXE) Data Parsing Remote Command Execution
OSVDB ID: 92491 MediaWiki Lua Function Names XSS
1.19.4
OSVDB ID: 92490 MediaWiki SVG Parsing XML External Entity (XXE) Data Parsing Remote Command Execution
OSVDB ID: 92491 MediaWiki Lua Function Names XSS
1.20.3
1.19.4
1.20.3
OSVDB ID: 92493 MediaWiki Special:Import XML External Entity (XXE) Data Parsing Remote Command Execution
1.19.4
OSVDB ID: 92493 MediaWiki Special:Import XML External Entity (XXE) Data Parsing Remote Command Execution
1.20.3
OSVDB ID: 92494 MediaWiki Extension:RSS XML External Entity (XXE) Data Parsing Remote Command Execution
1.19.4
OSVDB ID: 92494 MediaWiki Extension:RSS XML External Entity (XXE) Data Parsing Remote Command Execution
1.20.4
OSVDB ID: 92898 MediaWiki Password Change Blocking Mechanism Bypass
OSVDB ID: 92897 MediaWiki Uploaded SVG File XSS
1.19.5
OSVDB ID: 92898 MediaWiki Password Change Blocking Mechanism Bypass
OSVDB ID: 92897 MediaWiki Uploaded SVG File XSS
1.20.4
1.19.5

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use