5 matches found
Improper Ownership Management
Overview Affected versions of this package are vulnerable to Improper Ownership Management due to the storage and comparison of local actor IDs in the database. An attacker can impersonate another user and manipulate import requests by exploiting coinciding actor IDs across different wikis. Note:...
ImportDump Security Vulnerability
ImportDump is an open source application from Miraheze. A security vulnerability exists in ImportDump, which stems from the fact that a user on another wiki can act as the original wiki requester if the user on the other wiki happens to have the same participant ID as a user on this wiki...
DEBIAN-CVE-2020-25827
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster such as via CentralAuth, rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across...
UBUNTU-CVE-2020-25827
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster such as via CentralAuth, rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across...
TOTP throttle not enforced cross-wiki
More info at https://phabricator.wikimedia.org/T251661...