| CVE-2021-41800 |
medium |
— |
5.5 |
4y ago |
MediaWiki allows a denial of service |
|
| CVE-2018-13258 |
medium |
— |
5.5 |
4y ago |
Mediawiki tarball is missing .htaccess files |
|
| CVE-2018-0503 |
medium |
— |
5.5 |
4y ago |
Mediawiki Improper Privilege Management |
|
| CVE-2018-0505 |
medium |
— |
5.5 |
4y ago |
Mediawiki BotPassword can bypass CentralAuth's account lock |
|
| CVE-2014-2853 |
medium |
— |
4.3 |
12y ago |
Cross-site scripting vulnerability in includes/actions/InfoAction.php |
|
| CVE-2023-45363 |
unknown |
— |
— |
3y ago |
MediaWiki Denial of Service vulnerability |
|
| CVE-2023-29141 |
unknown |
— |
— |
3y ago |
X-Forwarded-For header allows brute-forcing autoblocked IP addresses |
|
| CVE-2020-25813 |
unknown |
— |
— |
4y ago |
MediaWiki Special:UserRights exposes the existence of hidden users |
|
| CVE-2020-25828 |
unknown |
— |
— |
4y ago |
MediaWiki Cross-site Scripting (XSS) vulnerability |
|
| CVE-2020-25827 |
unknown |
— |
— |
4y ago |
OATHAuth extension in MediaWiki is not implementing rate limit |
|
| CVE-2020-25815 |
unknown |
— |
— |
4y ago |
MediaWiki Cross-site Scripting (XSS) vulnerability |
|
| CVE-2020-25814 |
unknown |
— |
— |
4y ago |
MediaWiki Cross-site Scripting (XSS) vulnerability |
|
| CVE-2020-25812 |
unknown |
— |
— |
4y ago |
MediaWiki Cross-site Scripting (XSS) vulnerability |
|
| CVE-2020-15005 |
unknown |
— |
— |
4y ago |
img_auth.php may leak private extension images into the public cache |
|
| CVE-2020-10959 |
unknown |
— |
— |
4y ago |
MediaWiki Open Redirect vulnerability |
|
| CVE-2020-10960 |
unknown |
— |
— |
4y ago |
MediaWiki makeCollapsible allows applying event handler to any CSS selector |
|
| CVE-2019-19709 |
unknown |
— |
— |
4y ago |
Possible to circumvent title-blacklist |
|
| CVE-2019-16738 |
unknown |
— |
— |
4y ago |
MediaWiki information disclosure |
|
| CVE-2019-12474 |
unknown |
— |
— |
4y ago |
Wikimedia information leak vulnerability |
|
| CVE-2019-12472 |
unknown |
— |
— |
4y ago |
MediaWiki Incorrect Access Control vulnerability |
|
| CVE-2019-12471 |
unknown |
— |
— |
4y ago |
MediaWiki Cross-site Scripting (XSS) |
|
| CVE-2019-12470 |
unknown |
— |
— |
4y ago |
Wikimedia MediaWik exposed suppressed log in RevisionDelete page |
|
| CVE-2019-12466 |
unknown |
— |
— |
4y ago |
Wikimedia MediaWiki allows CSRF |
|
| CVE-2019-12469 |
unknown |
— |
— |
4y ago |
MediaWiki Incorrect Access Control vulnerability |
|
| CVE-2019-12473 |
unknown |
— |
— |
4y ago |
Wikimedia Potential DOS due to slow WatchedItemStore::countVisitingWatchersMultiple |
|
| CVE-2019-12467 |
unknown |
— |
— |
4y ago |
MediaWiki Incorrect Access Control vulnerability |
|
| CVE-2019-12468 |
unknown |
— |
— |
4y ago |
Wikimedia MediaWiki Incorrect Access Control vulnerability |
|
| CVE-2018-0504 |
unknown |
— |
— |
4y ago |
Mediawiki information disclosure vulnerability |
|