CVE-2015-8002

The chunked upload API ApiUpload in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service disk consumption via a file upload using one byte chunks...

CVE-2015-8002

The chunked upload API ApiUpload in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service disk consumption via a file upload using one byte chunks...

CVE-2015-8001

The chunked upload API ApiUpload in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authenticated users to cause a denial of service via a chunk that exceeds the file size...

MediaWiki 'api/ApiUpload.php' Security Bypass Vulnerability

MediaWiki is a suite of free and freely available web-based wiki engines that can be used to deploy in-house knowledge management and content management systems. MediaWiki has a security vulnerability that allows remote attackers to exploit the vulnerability and bypass security restrictions to...

FreeBSD : mediawiki -- multiple vulnerabilities (b973a763-7936-11e5-a2a1-002590263bf5)

MediaWiki reports : Wikipedia user RobinHood70 reported two issues in the chunked upload API. The API failed to correctly stop adding new chunks to the upload when the reported size was exceeded T91203, allowing a malicious users to upload add an infinite number of chunks for a single file upload...

DEBIAN-CVE-2013-2114

Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension...