Lucene search
K

24 matches found

Debian CVE
Debian CVE
added 2014/06/06 2:0 p.m.46 views

CVE-2014-3966

Cross-site scripting XSS vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid username...

2.6CVSS5.6AI score0.02097EPSS
Exploits0
CVE
CVE
added 2014/06/06 2:0 p.m.68 views

CVE-2014-3966

CVE-2014-3966 is a cross-site scripting vulnerability in MediaWiki’s Special:PasswordReset when wgRawHtml is enabled. It affects MediaWiki versions prior to 1.19.16, 1.21.x prior to 1.21.10, and 1.22.x prior to 1.22.7, enabling remote attackers to inject arbitrary script/HTML via an invalid usern...

2.6CVSS5.5AI score0.02097EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2013/11/18 2:55 a.m.7 views

UBUNTU-CVE-2013-2032

MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attackers to bypass the intended restrictions of an extension that only implements one of these blocks...

5CVSS5.8AI score0.0251EPSS
Exploits0References3
Metasploit
Metasploit
added 2012/06/17 2:14 a.m.239 views

Intersil (Boa) HTTPd Basic Authentication Password Reset

The Intersil extension in the Boa HTTP Server 0.93.x - 0.94.11 allows basic authentication bypass when the user string is greater than 127 bytes long. The long string causes the password to be overwritten in memory, which enables the attacker to reset the password. In addition, the malicious...

10CVSS0.1AI score0.68168EPSS
Exploits3
Rows per page
Query Builder