CVE-2020-18081

The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query...

CVE-2020-18081

The CVE-2020-18081 entry concerns SEMCMS 3.8, where the checkuser function is vulnerable to an access-control/SQL query flaw that can disclose plaintext passwords. The vulnerability allows an attacker to obtain passwords via a crafted SQL query, with network access and no authentication required ...

SEMCMS SQL注入漏洞

SEMCMS is a foreign trade web content management system CMS that supports multiple languages. SEMCMS suffers from an Access Control Error vulnerability, which stems from a vulnerability found in the checkuser function, which can be exploited by an attacker to obtain passwords in plaintext via a S...

MediaWiki code issue vulnerability (CNVD-2021-35232)

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A code issue vulnerability exists in MediaWiki version 1.35.2 and prior versions, which stems from the...

CVE-2021-31553

An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the culog database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could...

CVE-2021-31553

An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the culog database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could...

Format string

An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the culog database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could...

CVE-2021-31553

An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the culog database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could...

CVE-2021-31553

CVE-2021-31553 affects MediaWiki with the CheckUser extension up to 1.35.2. The issue arises when usernames with trailing whitespace are stored in the cu_log table, enabling denial of service on certain CheckUser pages and functionality. The example impact is interference with usage tracking by p...

PT-2021-19424 · Mediawiki +1 · Checkuser Extension +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.2 Description: An issue in the CheckUser extension allows MediaWiki usernames with trailing whitespace to be stored in the cu log database table, causing denial of service for certain CheckUser extension pages...

MediaWiki 代码问题漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A code issue vulnerability exists in MediaWiki version 1.35.2 and prior versions, which stems from the...

Seacms 11.1 - 'checkuser' Stored XSS

Exploit Title: Seacms 11.1 - 'checkuser' Stored XSS Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 POST /SEACMS111/5f9js3/adminsafe.php?action=setting HTTP/1.1 Host: 192.168.137.139 User-Agent: Mozilla/5.0 Windows N...

Seacms 11.1 Cross Site Scripting

Exploit Title: Seacms 11.1 - 'checkuser' Stored XSS Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 POST /SEACMS111/5f9js3/adminsafe.php?action=setting HTTP/1.1 Host: 192.168.137.139 User-Agent: Mozilla/5.0 Windows N...

Unspecified vulnerability in MediaWiki CheckUser extension

MediaWiki is a free and freely available web-based Wiki engine from the MediaWiki Wikimedia Foundation in the United States. The product can be used to deploy in-house knowledge management and content management systems. checkUser extension is one of the user information checking extensions. A...

CVE-2019-16529

An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model...

CVE-2019-16529

An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model...

Design/Logic Flaw

An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model...

CVE-2019-16529

The vulnerability CVE-2019-16529 affects the MediaWiki CheckUser extension up to version 1.35.0 . The issue is that oversighted edit summaries are still visible in CheckUser results, which violates MediaWiki’s permissions model. The connected sources confirm the existence of this exposure but do ...

CVE-2019-16529

An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model...

CVE-2019-18611

An issue was discovered in the CheckUser extension through 1.34 for MediaWiki. Certain sensitive information within oversighted edit summaries made available via the MediaWiki API was potentially visible to users with various levels of access to this extension. Said users should not have been abl...