CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mediawiki: >> Mediawiki >> 1.3.0 Security Vulnerabilities

CVE-2004-1405

MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.

CVSS Score

7.5

EPSS Score

0.052

Published

2004-12-31

CVE-2004-2152

Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML.

CVSS Score

4.3

EPSS Score

0.012

Published

2004-12-31

Page 31

Vulnerabilities

Vulnerable Software

Mediawiki: >> Mediawiki >> 1.3.0 Security Vulnerabilities

Products

Pricing

Contact Us