CVE-2024-29898

The CVE-2024-29898 entry concerns Miraheze’s CreateWiki (MediaWiki extension). Affected behavior: during patching for CVE-2024-29897, an oversight could cause suppressed wiki requests listed on Special:RequestWikiQueue to be accessible to users on private wikis who had the (read) permission not r...

CVE-2024-29898 Oversight in fix for GHSA-4rcf-3cj2-46mq may have exposed suppressed wiki requests on private wikis

CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. An oversight during the writing of the patch for CVE-2024-29897 may have exposed suppressed wiki requests to private wikis that added Special:RequestWikiQueue to the read whitelist to users without the read permission...

CVE-2022-29898

creationtimestamp| type| source ---|---|--- 2022-05-11 18:35:36+00:00| seen| https://t.me/cibsecurity/42360...

CVE-2022-29898

CVE-2022-29898 affects Phoenix Contact RAD-ISM-900-EN-* devices. The WebUI configuration file uploader allows an admin to trigger arbitrary code execution with root privileges due to improper validation of an integrity check value, across all firmware versions. Based on the documents, the impact ...

CVE-2022-29898 Remote Code Execution in all versions of various RAD-ISM-900-EN-* devices by PHOENIX CONTACT

On various RAD-ISM-900-EN- devices by PHOENIX CONTACT an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS due to an improper validation of an integrity check value in all versions of the firmware...

CVE-2022-29898

On various RAD-ISM-900-EN- devices by PHOENIX CONTACT an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS due to an improper validation of an integrity check value in all versions of the firmware...