National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:mediawiki:mediawiki:1.3.9
There are 124 matching records.
Displaying matches 121 through 124.
Vuln ID Summary CVSS Severity
CVE-2005-0534

Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 4.3 MEDIUM
CVE-2005-0536

Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2005-1245

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy), allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 4.3 MEDIUM
CVE-2005-0535

Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users.

Published: February 22, 2005; 12:00:00 AM -05:00
    V2: 7.5 HIGH