Mediawiki : Security Vulnerabilities, CVEs, Published In 2005 CVSS score >= 7
Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows remote attackers to execute arbitrary PHP code via the "user language option," which is used as part of a dynamic class name that is processed using the eval function.
Max CVSS
7.5
EPSS Score
15.13%
Published
2005-12-06
Updated
2011-03-08
Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users.
Max CVSS
7.5
EPSS Score
0.72%
Published
2005-02-22
Updated
2011-03-08
2 vulnerabilities found