WEB APPLICATION VULNERABILITIES Standard & Premium

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-1686)

Description

MediaWiki 1.18.0 allows remote attackers to obtain the installation path via vectors related to thumbnail creation.

Remediation

References

Related Vulnerabilities

WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar Cross-Site Request Forgery (1.8.2)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27898)

WordPress Plugin File Manager Cross-Site Request Forgery (3.0.1)

TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13422)

Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-45809)

Severity

Medium

Classification

CVE-2014-1686 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities