Description

Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

Remediation

References

CVE-2013-2114

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-1999-0737)

Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.7)

WordPress Plugin post highlights Cross-Site Scripting (2.6)

WordPress Plugin WP Affiliate Disclosure Security Bypass (1.1.3)

CubeCart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-38130)

Severity

Medium

Classification

CVE-2013-2114

Tags

Missing Update Known Vulnerabilities