Description

Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

Remediation

References

CVE-2013-2114

Related Vulnerabilities

Envoy Proxy CVE-2020-25018 Vulnerability (CVE-2020-25018)

Oracle Database Server CVE-2008-1816 Vulnerability (CVE-2008-1816)

WordPress Plugin Filter & Grids Local File Inclusion (2.8.32)

WordPress Plugin WonderPlugin Audio Player Multiple Vulnerabilities (2.0)

XWiki Improper Authentication Vulnerability (CVE-2022-36092)

Severity

Medium

Classification

CVE-2013-2114

Tags

Missing Update Known Vulnerabilities