Exposición de MediaWiki
Wikis33
score de exposición
22.129
sitios usan
0
en explotación
0
críticos
CVEs
64 resultadosCVE-2012-4381—MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependenEPSS 4.0%CVE-2018-0504—Information disclosure in Special:Redirect/logidEPSS 2.8%CVE-2013-1816—MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a speciEPSS 2.7%CVE-2013-1817—MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive iEPSS 2.5%CVE-2013-4572—The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cacEPSS 2.1%CVE-2018-13258—Tarball was missing .htaccess filesEPSS 2.1%CVE-2018-0505—BotPasswords can bypass CentralAuth's account lockEPSS 1.9%CVE-2017-0367—Having LocalisationCache directory default to system tmp directory is insecureEPSS 1.9%CVE-2013-1951—A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitraEPSS 1.6%CVE-2013-4303—includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 doesEPSS 1.5%CVE-2017-0368—Make rawHTML mode not apply to system messagesEPSS 1.5%CVE-2018-0503—$wgRateLimits entry for 'user' overrides 'newbie'EPSS 1.5%CVE-2017-0370—Spam blacklist ineffective on encoded URLs inside file inclusion syntax's link parameterEPSS 1.4%CVE-2012-0046—mediawiki allows deleted text to be exposedEPSS 1.4%CVE-2017-0366—SVG filter evasion using default attribute values in DTD declarationEPSS 1.3%CVE-2017-0369—Sysops can undelete pages, although the page is protected against itEPSS 1.2%CVE-2017-0365—XSS in SearchHighlighter::highlightText() [requires non-default config]EPSS 1.2%CVE-2023-3550HIGHStored XSS leads to privilege escalation in MediaWiki v1.40.0EPSS 1.2%CVE-2013-6455—The CentralAuth extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain usernEPSS 1.1%CVE-2017-0364—Special:Search allows redirects to any interwiki linkEPSS 1.1%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →