Lucene search
+L

4 matches found

NVD
NVD
added 2024/10/05 1:15 a.m.29 views

CVE-2024-47849

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...

9.8CVSS0.0055EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/05 12:29 a.m.17 views

CVE-2024-47849 Backticks can allow the usage of not-allowed SQL functions

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...

8.8CVSS0.0055EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/10/05 12:29 a.m.16 views

CVE-2024-47849 Backticks can allow the usage of not-allowed SQL functions

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...

8.8CVSS7.7AI score0.0055EPSS
Exploits1References3
CVE
CVE
added 2024/10/05 12:29 a.m.55 views

CVE-2024-47849

CVE-2024-47849 affects the MediaWiki extension Cargo for MediaWiki 3.6.x prior to 3.6.1, caused by improper neutralization in SQL commands leading to SQL Injection. Public sources concur on versions to fix: update Cargo to 3.6.1 or later (Snyk lists 3.7+ as the remediation). Documented impact is ...

9.8CVSS9.8AI score0.0055EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder