Lucene search
+L

49 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19886

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00309EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/07/05 4:20 p.m.9 views

CVE-2025-53501

Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before...

8.8CVSS6.5AI score0.00309EPSS
Exploits1References1
NVD
NVD
added 2025/07/03 5:15 p.m.8 views

CVE-2025-53501

Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before...

8.8CVSS0.00309EPSS
Exploits1References2
OSV
OSV
added 2025/07/03 5:15 p.m.7 views

CVE-2025-53501

Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before...

8.8CVSS7AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/03 4:15 p.m.3 views

CVE-2025-53501 Content Access Bypass in Scribunto

Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before...

6.6AI score0.00309EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/07/03 4:15 p.m.13 views

CVE-2025-53501 Content Access Bypass in Scribunto

Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before...

0.00309EPSS
Exploits1References2
CVE
CVE
added 2025/07/03 4:15 p.m.29 views

CVE-2025-53501

The CVE-2025-53501 issue affects the Mediawiki Scribunto Extension (Wikimedia Foundation). The root cause is improper access control that allows accessing functionality not properly constrained by authorization. Affected versions include Scribunto 1.39.x before 1.39.12, 1.42.x before 1.42.7, and ...

8.8CVSS6.7AI score0.00309EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.6 views

PT-2025-27809 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - Scribunto Extension versions 1.39.0 through 1.39.11 Mediawiki - Scribunto Extension versions 1.42.0 through 1.42.6 Mediawiki - Scribunto Extension versions 1.43.0 through 1.43.1 Description: The issue is related to an Improper...

8.8CVSS6.4AI score0.00309EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.7 views

Wikimedia Mediawiki Scribunto Extension 安全漏洞

Wikimedia Mediawiki Scribunto Extension is a Wikimedia Foundation extension for wiki projects. A security vulnerability exists in Wikimedia Mediawiki Scribunto Extension that stems from improper access control and could lead to unauthorized feature access. The following versions are affected:...

8.8CVSS6.4AI score0.00309EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:20 a.m.4 views

SUSE CVE-2015-2939

Cross-site scripting XSS vulnerability in the Scribunto extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a function name, which is not properly handled in a Lua error backtrace...

4.3CVSS5.7AI score0.02108EPSS
Exploits0References3
NVD
NVD
added 2020/01/27 4:15 p.m.17 views

CVE-2014-9481

The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML...

5.9CVSS5.6AI score0.01342EPSS
Exploits0References4
Prion
Prion
added 2020/01/27 4:15 p.m.18 views

Design/Logic Flaw

The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML...

4.3CVSS6.8AI score0.01342EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2020/01/27 3:38 p.m.65 views

CVE-2014-9481

CVE-2014-9481 concerns the Scribunto extension for MediaWiki. The provided documents specify that remote attackers can obtain the rollback token (and possibly other sensitive information) through a crafted Scribunto module, related to unstripping special page HTML. The current sources do not incl...

5.9CVSS5.8AI score0.01342EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/01/27 3:38 p.m.18 views

CVE-2014-9481

The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML...

5.9AI score0.01342EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.7 views

The vulnerability of the S Pip content management system lies in the redirection of URLs to unreliable websites, allowing attackers to compromise data integrity.

The vulnerability of the Scribunto content management system is related to the redirection of URLs to an unreliable website. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the integrity of the data...

6.1CVSS6.9AI score0.011EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.8 views

The vulnerability of the S Pip content management system, related to incorrect authorization, allows a violator to compromise data integrity.

The vulnerability of the Scribunto content management system is related to improper authorization. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the data integrity...

6.5CVSS7AI score0.01487EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.10 views

The vulnerability of the S Pip content management system lies in the lack of measures taken to protect the website structure, allowing attackers to compromise the integrity of the data.

The vulnerability of the Scribunto content management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the data...

6.1CVSS6.9AI score0.0116EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.8 views

The vulnerability of the S Pip content management system, related to the disclosure of user information, allows a violator to gain unauthorized access to this information.

The vulnerability of the Scribunto content management system is related to the disclosure of user information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to information...

5.3CVSS6.7AI score0.07538EPSS
Exploits2References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2016/08/05 12:0 a.m.26 views

MediaWiki < 1.19.24 / 1.23.9 / 1.24.2 Multiple Vulnerabilities

Binary data 9471.prm...

7.1CVSS7.3AI score0.02834EPSS
Exploits4References14
CNVD
CNVD
added 2015/04/14 12:0 a.m.36 views

MediaWiki Scribunto Extension Cross-Site Scripting Vulnerability

MediaWiki is a Wiki program. A cross-site scripting vulnerability exists in the MediaWiki Scribunto extension. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via function names...

4.3CVSS6AI score0.02108EPSS
Exploits0References1
Rows per page
Query Builder