Vulnerabilities > Mediawiki > High

DATE CVE VULNERABILITY TITLE RISK
2017-10-17 CVE-2014-9487 XXE vulnerability in Mediawiki
The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
network
low complexity
mediawiki CWE-611
7.5
2015-09-01 CVE-2015-6728 Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki
The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison in constant time, which allows remote attackers to guess the watchlist token and bypass CSRF protection via a timing attack.
network
low complexity
mediawiki CWE-352
7.5
2015-04-13 CVE-2015-2942 Resource Management Errors vulnerability in Mediawiki
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an (1) SVG file or (2) XMP metadata in a PDF file, aka a "billion laughs attack," a different vulnerability than CVE-2015-2937.
network
mediawiki CWE-399
7.1
2015-04-13 CVE-2015-2937 Resource Management Errors vulnerability in Mediawiki
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM or Zend PHP, allows remote attackers to cause a denial of service ("quadratic blowup" and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, a different vulnerability than CVE-2015-2942.
network
mediawiki CWE-399
7.1
2015-04-13 CVE-2015-2936 Resource Management Errors vulnerability in Mediawiki 1.24.0/1.24.1
MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password.
network
mediawiki CWE-399
7.1
2015-01-04 CVE-2014-9277 Command Injection vulnerability in Mediawiki
The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing <cross-domain-policy> in a PHP format request, which causes the string length to change when converting the request to <NOT-cross-domain-policy>.
network
low complexity
mediawiki CWE-77
7.5
2014-05-12 CVE-2013-6453 Improper Input Validation vulnerability in Mediawiki
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.
network
low complexity
mediawiki CWE-20
7.5
2014-05-12 CVE-2013-4571 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mediawiki
Buffer overflow in php-luasandbox in the Scribuntu extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 has unspecified impact and remote vectors.
network
low complexity
mediawiki CWE-119
7.5
2014-01-26 CVE-2013-4304 Improper Authentication vulnerability in multiple products
The CentralAuth extension for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 caches a valid CentralAuthUser object in the centralauth_User cookie even when a user has not successfully logged in, which allows remote attackers to bypass authentication without a password.
network
low complexity
brion-vibber mediawiki CWE-287
7.5
2011-02-04 CVE-2011-0537 Path Traversal vulnerability in Mediawiki
Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions before 1.16.2, when running on Windows and possibly Novell Netware, allow remote attackers to include and execute arbitrary local PHP files via vectors related to a crafted language file and the Language::factory function.
network
low complexity
mediawiki microsoft CWE-22
7.5