Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / mediawiki

mediawiki

431 tracked vulnerabilities.

CVE-2017-0364 MEDIUM

MediaWiki < 1.23.16 - URL Redirection to Untrusted Site via Special:Search

CVE-2017-0363 MEDIUM

MediaWiki < 1.23.16 - URL Redirection to Untrusted Site via Special:UserLogin returnto Parameter

CVE-2017-0362 HIGH

MediaWiki < 1.23.16 - Cross-Site Request Forgery via Watchlist Mark All Pages Visited

CVE-2017-0361 HIGH

MediaWiki < 1.23.16 - Exposure of Sensitive Information via API Log

CVE-2017-8815 HIGH

MediaWiki < 1.27.4, 1.28.x < 1.28.3, 1.29.x < 1.29.2 - Attribute Injection via Language Converter Glossary Rules

CVE-2017-8814 HIGH

MediaWiki < 1.27.4, 1.28.x < 1.28.3, 1.29.x < 1.29.2 - Text Injection via Language Converter Rule Definition

CVE-2017-8812 MEDIUM

MediaWiki <1.27.4, <1.28.3, <1.29.2 - XSS

CVE-2017-8811 MEDIUM

MediaWiki < 1.27.4, 1.28.x < 1.28.3, 1.29.x < 1.29.2 - HTML Mangling via Raw Message Parameter Expansion

CVE-2017-8810 HIGH

MediaWiki < 1.27.4, 1.28.x < 1.28.3, 1.29.x < 1.29.2 - Username Enumeration via Login Error Messages

CVE-2017-8809 CRITICAL

MediaWiki < 1.27.4, 1.28.x < 1.28.3, 1.29.x < 1.29.2 - Reflected File Download via api.php

CVE-2017-8808 MEDIUM

MediaWiki < 1.27.4, 1.28.x < 1.28.3, 1.29.x < 1.29.2 - Cross-Site Scripting via Non-Standard URL Escaping

CVE-2016-6337 HIGH

MediaWiki 1.27.x - Improper Access Control via UserGetRights Function

CVE-2016-6336 MEDIUM

MediaWiki <1.23.15, <1.26.x-1.26.4, <1.27.x-1.27.1 - Auth Bypass

CVE-2016-6335 HIGH

MediaWiki <1.23.15, <1.26.4, <1.27.1 - Info Disclosure

CVE-2016-6334 MEDIUM

MediaWiki <1.23.15, <1.26.x-<1.26.4, <1.27.x-<1.27.1 - XSS

CVE-2016-6333 MEDIUM

MediaWiki <1.23.15, <1.26.x-<1.26.4, <1.27.x-<1.27.1 - XSS

CVE-2016-6332 HIGH

MediaWiki <1.23.15, <1.26.4, <1.27.1 - Info Disclosure

CVE-2016-6331 HIGH

MediaWiki <1.23.15, <1.26.4, <1.27.1 - Auth Bypass

CVE-2015-10058 LOW

Wikisource Category Browser < 2015-07-10 - Cross-Site Scripting via Lang Parameter

CVE-2015-8008 HIGH

MediaWiki < 1.25.3 - OAuth IP Address Access Restriction Bypass via API Request

CVE-2015-8009 CRITICAL

MediaWiki <1.25.3-1.24.4-1.23.11 - Auth Bypass

CVE-2015-8628 MEDIUM

MediaWiki < 1.23.12, 1.24.x < 1.24.5, 1.25.x < 1.25.4, 1.26.x < 1.26.1 - Sensitive User Login Info Exposure

CVE-2015-8627 MEDIUM

MediaWiki < 1.23.12, 1.24.x < 1.24.5, 1.25.x < 1.25.4, 1.26.x < 1.26.1 - Zero-Padded IP Address Bypass

CVE-2015-8626 CRITICAL

MediaWiki Weak Password Generation in User::randomPassword

CVE-2015-8625 HIGH

MediaWiki < 1.23.12, 1.24.x < 1.24.5, 1.25.x < 1.25.4, 1.26.x < 1.26.1 - Arbitrary File Read

Previous Page 11 of 18 Next

Products

mediawiki 395 core 29 cargo 9 checkuser 8 abusefilter 3 visual_editor 3 mobilefrontend 2 abuse-filter 1 createredirect 1 data-transfer 1 matomo 1 mediawik 1 mediawiki_botquery_ext 1 rss_for_mediawiki 1 rssreader 1 score 1 scribunto 1 semantic-media-wiki 1 semantic_drilldown 1 shortdescription 1 skin\ 1 wikisource_category_browser 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy