Shodan
Vulnerabilities
Vulnerable Software
Mediawiki:  Security Vulnerabilities
CVE-2005-2396
Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the page move template.
CVSS Score
4.3
EPSS Score
0.006
Published
2005-07-27
CVE-2005-2215
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888.
CVSS Score
4.3
EPSS Score
0.003
Published
2005-07-12
CVE-2005-1888
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates.
CVSS Score
4.3
EPSS Score
0.004
Published
2005-06-06
CVE-2005-0534
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script.
CVSS Score
4.3
EPSS Score
0.004
Published
2005-05-02
CVE-2005-0536
Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion.
CVSS Score
5.0
EPSS Score
0.011
Published
2005-05-02
CVE-2005-1245
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy), allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVSS Score
4.3
EPSS Score
0.004
Published
2005-05-02
CVE-2005-0535
Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users.
CVSS Score
7.5
EPSS Score
0.009
Published
2005-02-22
CVE-2004-1405
MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.102
Published
2004-12-31
CVE-2004-2152
Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML.
CVSS Score
4.3
EPSS Score
0.005
Published
2004-12-31
CVE-2004-2185
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.
CVSS Score
6.8
EPSS Score
0.02
Published
2004-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved