Description
Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows remote attackers to execute arbitrary PHP code via the "user language option," which is used as part of a dynamic class name that is processed using the eval function.
Remediation
References
Related Vulnerabilities
WordPress Plugin Ivory Search-WordPress Search Unspecified Vulnerability (5.4.3)
Chamilo Use of Insufficiently Random Values Vulnerability (CVE-2026-33710)
Oracle Database Server CVE-2008-1818 Vulnerability (CVE-2008-1818)
Oracle HTTP Server CVE-2021-2480 Vulnerability (CVE-2021-2480)
WordPress Plugin Multisite Global Search 'mssearch' Parameter Cross-Site Scripting (1.2.5)