Lucene search
+L

4 matches found

nvd
nvd
added 2024/10/05 1:15 a.m.29 views

CVE-2024-47849

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...

9.8CVSS0.0055EPSS
Exploits1References3
cve
cve
added 2024/10/05 12:29 a.m.54 views

CVE-2024-47849

CVE-2024-47849 affects the MediaWiki extension Cargo for MediaWiki 3.6.x prior to 3.6.1, caused by improper neutralization in SQL commands leading to SQL Injection. Public sources concur on versions to fix: update Cargo to 3.6.1 or later (Snyk lists 3.7+ as the remediation). Documented impact is ...

9.8CVSS9.8AI score0.0055EPSS
Exploits1References3Affected Software1
vulnrichment
vulnrichment
added 2024/10/05 12:29 a.m.16 views

CVE-2024-47849 Backticks can allow the usage of not-allowed SQL functions

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...

8.8CVSS7.7AI score0.0055EPSS
Exploits1References3
cvelist
cvelist
added 2024/10/05 12:29 a.m.16 views

CVE-2024-47849 Backticks can allow the usage of not-allowed SQL functions

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...

8.8CVSS0.0055EPSS
Exploits1References3
Rows per page
Query Builder