Shodan
Vulnerabilities
Vulnerable Software
Mediawiki:  >> Mediawiki  Security Vulnerabilities
CVE-2004-1405
MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.052
Published
2004-12-31
CVE-2004-2152
Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML.
CVSS Score
4.3
EPSS Score
0.012
Published
2004-12-31
CVE-2004-2185
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.
CVSS Score
6.8
EPSS Score
0.02
Published
2004-12-31
CVE-2004-2186
SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers to execute arbitrary SQL commands via SpecialMaintenance.
CVSS Score
7.5
EPSS Score
0.011
Published
2004-12-31
CVE-2004-2187
Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors.
CVSS Score
5.0
EPSS Score
0.009
Published
2004-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved