Vulnerabilities > CVE-2004-2185 - Unspecified vulnerability in Mediawiki 1.3.5

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
mediawiki
nessus

Summary

Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.

Vulnerable Configurations

Part Description Count
Application
Mediawiki
1

Nessus

NASL familyCGI abuses
NASL idMEDIAWIKI_MULTIPLE_FLAWS.NASL
descriptionThe remote host appears is running a version of MediaWiki prior to 1.3.11. It is, therefore, affected by various vulnerabilities, including some that allow an attacker to execute arbitrary PHP code on the remote host. Note that Nessus has not tested for these issues but has instead relied only on the application
last seen2020-06-01
modified2020-06-02
plugin id18035
published2005-04-13
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18035
titleMediaWiki < 1.3.11 Multiple Remote Vulnerabilities