Max CVSS 5.8 Min CVSS 2.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2011-1578 4.3
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at
23-07-2021 - 12:16 27-04-2011 - 00:55
CVE-2011-1579 5.8
The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks or
17-08-2017 - 01:34 27-04-2011 - 00:55
CVE-2011-1580 3.5
The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform imports from any wgImportSources wiki via a crafted POST request.
17-08-2017 - 01:34 27-04-2011 - 00:55
CVE-2010-2787 4.3
api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, which allows remote attackers to bypass intended access restrictions and obtain sensitive information by retrieving documents from an HTTP proxy cache
07-09-2011 - 03:10 27-04-2011 - 00:55
CVE-2010-2788 2.6
Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnableProfileInfo is enabled, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
07-09-2011 - 03:10 27-04-2011 - 00:55
Back to Top Mark selected
Back to Top