Description

Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion.

Remediation

References

CVE-2005-0536

Related Vulnerabilities

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2958)

WordPress Plugin Easy Google Fonts Cross-Site Scripting (1.3.6)

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce CSV Injection (5.5.2)

WordPress Plugin BuddyPress Global Search Cross-Site Scripting (1.1.0)

WordPress Plugin WP Events Calendar 'event_id' Parameter SQL Injection (6.5.2)

Severity

Medium

Classification

CVE-2005-0536

Tags

Missing Update Known Vulnerabilities