Mediawiki : Security Vulnerabilities, CVEs, (Sql injection) CVSS score >= 6
The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints.
Max CVSS
9.8
EPSS Score
0.16%
Published
2022-04-29
Updated
2022-05-10
SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers to execute arbitrary SQL commands via SpecialMaintenance.
Max CVSS
7.5
EPSS Score
0.12%
Published
2004-12-31
Updated
2008-09-05
2 vulnerabilities found