← back
CVE-2005-4031

CVE-2005-4031

EPSS 3.2%
Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows remote attackers to execute arbitrary PHP code via the "user language option," which is used as part of a dynamic class name that is processed using the eval function.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/17866http://sourceforge.net/project/shownotes.php?group_id=34373&release_id=375755http://www.kb.cert.org/vuls/id/392156http://www.securityfocus.com/bid/15703http://www.vupen.com/english/advisories/2005/2726