Lucene search
HistoryDec 06, 2005 - 11:03 a.m.
CVE-2005-4031
cve-2005-4031
eval injection
mediawiki
remote attackers
arbitrary php code
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.151 Low
EPSS
Percentile
95.9%
Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows remote attackers to execute arbitrary PHP code via the “user language option,” which is used as part of a dynamic class name that is processed using the eval function.
Affected configurations
Node
mediawikimediawikiMatch1.5.0
ORmediawikimediawikiMatch1.5.1
ORmediawikimediawikiMatch1.5.2
ORmediawikimediawikiMatch1.5_alpha1
ORmediawikimediawikiMatch1.5_alpha2
ORmediawikimediawikiMatch1.5_beta1
ORmediawikimediawikiMatch1.5_beta2
ORmediawikimediawikiMatch1.5_beta3
Related
checkpoint_advisories
checkpoint_advisories
MediaWiki Language Option PHP Code Execution (CVE-2005-4031)
2009-12-02 00:00:00
nessus
nessus
MediaWiki Language Option eval() Function Arbitrary PHP Code Execution
2005-12-05 00:00:00
ubuntucve
ubuntucve
CVE-2005-4031
2005-12-06 00:00:00
cvelist
cvelist
CVE-2005-4031
2005-12-06 11:00:00
nvd
nvd
CVE-2005-4031
2005-12-06 11:03:00
CVE-2005-4067
2005-12-07 23:03:00
debiancve
debiancve
CVE-2005-4031
2005-12-06 11:03:00
cve
cve
CVE-2005-4067
2005-12-07 23:03:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.151 Low
EPSS
Percentile
95.9%
Related for CVE-2005-4031