CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mediawiki: >> Mediawiki >> 1.3.11 Security Vulnerabilities

CVE-2005-1245

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy), allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

CVSS Score

4.3

EPSS Score

0.004

Published

2005-05-02

CVE-2004-1405

MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.

CVSS Score

7.5

EPSS Score

0.089

Published

2004-12-31

Page 29

Vulnerabilities

Vulnerable Software

Mediawiki: >> Mediawiki >> 1.3.11 Security Vulnerabilities

Products

Pricing

Contact Us