2 matches found
MediaWiki Language Option PHP Code Execution (CVE-2005-4031)
MediaWiki is a web-based enterprise collaboration platform developed in the PHP scripting language. The software is a set of CGI programs that are loaded and executed by an HTTP server. It typically runs as a document management system, or a knowledge base. The web content of a MediaWiki...
CVE-2005-4031
MediaWiki 1.5.x is affected by an Eval injection vulnerability before 1.5.3 that allows remote attackers to execute arbitrary PHP code via the user language option, which is used to form a dynamic class name processed by eval. Root cause: improper handling of user-supplied language selection lead...