UBUNTU-CVE-2015-2941

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error...

Cross site scripting

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error...

CVE-2015-2941

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error...

CVE-2015-2941

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error...

CVE-2014-9714

Cross-site scripting XSS vulnerability in the WddxPacket::recursiveAddVar function in HHVM aka the HipHop Virtual Machine before 3.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted string to the wddxserializevalue function...

CVE-2015-2941

CVE-2015-2941 affects MediaWiki prior to 1.19.24, 1.2x prior to 1.23.9, and 1.24.x prior to 1.24.2 when HHVM is used. The vulnerability arises from improper handling of a wddx_serialize_value call in api.php for invalid parameters in a wddx format request, which can lead to cross-site scripting v...

PHP <= 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Derefernce

No description provided by source. ?php / PHP = 5.4.3 wddxserialize / streambucket Variant Object Null Ptr Derefernce Author : condis Date : 10.04.2012 AD Website : http://cond.psychodela.pl ---- Download : http://php.net/downloads.php Tested on: PHP 5.3.8 + Windows XP SP3 Professional PL PHP...

PHP 5.4.3 多个空指针引用拒绝服务漏洞

BUGTRAQ ID: 53643 PHP是一种HTML内嵌式的语言，PHP与微软的ASP颇有几分相似，都是一种在服务器端执行的嵌入HTML文档的脚本语言，语言的风格有类似于C语言，现在被很多的网站编程人员广泛的运用。 PHP 5.4.3之前版本在实现时存在空指针引用导致的多个拒绝服务漏洞，攻击者可利用这些漏洞造成应用崩溃。 0 PHP 5.4.3 厂商补丁： PHP --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.php.net ?php / PHP = 5.4.3 wddxserialize /...

PHP 5.4.3 - wddx_serialize_* stream_bucket_* Variant Object Null Ptr Dereference

PHP 5.4.3 - wddxserialize streambucket Variant Object Null Ptr Dereference 4.1.0 and PHP 5. For more details check : http://php.net/manual/en/class.variant.php PS2: After running this via webserver my Apache wasn't able to handle requests anymore and I had to restar...

PHP 5.4.3 Null Pointer Dereference

4.1.0 and PHP 5. For more details check : http://php.net/manual/en/class.variant.php PS2: After running this via webserver my Apache wasn't able to handle requests anymore and I had to restart him :...