3 matches found
MediaWiki < 1.23.11 / 1.24.4 / 1.25.3 Multiple Vulnerabilities
Binary data 9472.prm...
CVE-2015-8002
The chunked upload API ApiUpload in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service disk consumption via a file upload using one byte chunks...
FreeBSD : mediawiki -- multiple vulnerabilities (b973a763-7936-11e5-a2a1-002590263bf5)
MediaWiki reports : Wikipedia user RobinHood70 reported two issues in the chunked upload API. The API failed to correctly stop adding new chunks to the upload when the reported size was exceeded T91203, allowing a malicious users to upload add an infinite number of chunks for a single file upload...