4 matches found
PT-2024-36794 · Unknown · Uptime Kuma
Name of the Vulnerable Software and Affected Versions: Uptime Kuma versions prior to 1.23.16. Description: An Improper URL Handling issue allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This issue is triggered via the "real-browser" request typ...
MediaWiki security bypass vulnerability (CNVD-2018-10132)
MediaWiki is a free and open-source web-based wiki engine developed and maintained by the Wikimedia Foundation and MediaWiki volunteers, which can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki versions prior to 1.28.1, 1.27.2...
Information disclosure
MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext...
XXE
MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites...