Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:12 p.m.7 views

CVE-2022-36674

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/viewschedule.php...

7.2CVSS8.3AI score0.0083EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/14 4:52 a.m.7 views

CVE-2024-36674

LyLmespage v1.9.5 is vulnerable to Cross Site Scripting XSS via admin/link.php...

6.1CVSS6AI score0.00322EPSS
Exploits1References3
NVD
NVD
added 2024/06/03 4:15 p.m.12 views

CVE-2024-36674

LyLmespage v1.9.5 is vulnerable to Cross Site Scripting XSS via admin/link.php...

6.1CVSS5.8AI score0.00322EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/03 3:41 p.m.17 views

CVE-2024-36674

LyLmespage v1.9.5 is vulnerable to Cross Site Scripting XSS via admin/link.php...

5.8AI score0.00322EPSS
Exploits1References1
CVE
CVE
added 2024/06/03 3:41 p.m.62 views

CVE-2024-36674

CVE-2024-36674 affects LyLme_spage v1.9.5, with a Cross Site Scripting (XSS) vulnerability exploitable via the admin/link.php endpoint. The NVD entry lists CVSS v3.1 base score 6.1 (Medium), with a network attack vector, low complexity, no privileges required, user interaction needed, and a chang...

6.1CVSS6.3AI score0.00322EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.21 views

Fedora 39 : mediawiki (2023-7e9d6015f6)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7e9d6015f6 advisory. https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/ Tenable has extracted t...

6.1CVSS5.5AI score0.00829EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/09/02 12:0 a.m.37 views

Fedora 38 : mediawiki (2023-1fcaba0998)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1fcaba0998 advisory. https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/ Tenable has extracted t...

6.1CVSS5.5AI score0.00829EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/09/02 12:0 a.m.33 views

Fedora 37 : mediawiki (2023-d8ae3c122e)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d8ae3c122e advisory. https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/ Tenable has extracted t...

6.1CVSS5.5AI score0.00829EPSS
Exploits1References3
Circl
Circl
added 2023/08/20 10:41 p.m.6 views

CVE-2023-36674

creationtimestamp| type| source ---|---|--- 2023-08-20 22:41:28+00:00| seen| https://t.me/cibsecurity/68866...

5.3CVSS5.3AI score0.00623EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/08/20 6:15 p.m.4 views

CVE-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

5.3CVSS6AI score0.00623EPSS
Exploits0References8
CVE
CVE
added 2023/08/20 12:0 a.m.85 views

CVE-2023-36674

Summary: CVE-2023-36674 affects MediaWiki prior to certain fixed versions. The issue allows bypass of the Bad image list (badFile) by abusing the thumb parameter (Manualthumb) in the File syntax. Affected versions (per sources): MediaWiki before 1.35.11; 1.36.x through 1.38.x before 1.38.7; 1.39....

5.3CVSS5.6AI score0.00623EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2023/07/27 12:0 a.m.41 views

Mageia: Security Advisory (MGASA-2023-0241)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01216EPSS
Exploits1References4
Mageia
Mageia
added 2023/07/26 10:7 p.m.46 views

Updated mediawiki packages fix security vulnerability

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many...

7.5CVSS6.3AI score0.01216EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/07/06 12:0 a.m.31 views

MediaWiki < 1.35.11, 1.36.x < 1.38.7, 1.39.x < 1.39.4 Multiple Vulnerabilities - Linux

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

7.5CVSS6.7AI score0.01216EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/07/06 12:0 a.m.26 views

MediaWiki < 1.35.11, 1.36.x < 1.38.7, 1.39.x < 1.39.4 Multiple Vulnerabilities - Windows

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

7.5CVSS6.7AI score0.01216EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/07/01 12:0 a.m.44 views

FreeBSD : mediawiki -- multiple vulnerabilities (95dad123-180e-11ee-86ba-080027eda32c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 95dad123-180e-11ee-86ba-080027eda32c advisory. - guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are...

7.5CVSS6AI score0.01216EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2023/04/21 12:0 a.m.57 views

mediawiki -- multiple vulnerabilities

Mediawiki reports: T335203, CVE-2023-29197 Upgrade guzzlehttp/psr7 to = 1.9.1/2.4.5. T335612, CVE-2023-36674 Manualthumb bypasses badFile lookup. T332889, CVE-2023-36675 XSS in BlockLogFormatter due to unsafe message use...

7.5CVSS6.4AI score0.01216EPSS
Exploits1References1
CVE
CVE
added 2022/09/01 2:16 a.m.54 views

CVE-2022-36674

The CVE-2022-36674 entry describes a SQL injection in Simple Task Scheduling System v1.0, exploitable via the id parameter at /schedules/view_schedule.php. Affected component is the web-facing PHP endpoint; root cause is unsafely interpolating user-supplied id into a SQL query (SQLi). NVD shows a...

7.2CVSS7.2AI score0.0083EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/09/01 2:16 a.m.17 views

CVE-2022-36674

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/viewschedule.php...

7.5AI score0.0083EPSS
Exploits1References1
Rows per page
Query Builder