CVE-2005-0536
MediaWiki 1.3.x < 1.3.11 and 1.4 beta < 1.4 rc1 - Directory Traversal via Image Deletion Parameter
Title source: llmDescription
Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion.
References (4)
Core 4
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1013260
Patch, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200502-33.xml
Patch x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=307067
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/14360
Scores
EPSS
0.0106
EPSS Percentile
77.9%
Details
Status
published
Products (17)
mediawiki/mediawiki
1.3.0
mediawiki/mediawiki
1.3.1
mediawiki/mediawiki
1.3.2
mediawiki/mediawiki
1.3.3
mediawiki/mediawiki
1.3.4
mediawiki/mediawiki
1.3.5
mediawiki/mediawiki
1.3.6
mediawiki/mediawiki
1.3.7
mediawiki/mediawiki
1.3.8
mediawiki/mediawiki
1.3.9
... and 7 more
Published
May 02, 2005
Tracked Since
Feb 18, 2026