• MediaWiki version older than 1.22.2, 1.21.5 and 1.19.11 are affected by a remote code execution vulnerability if file upload support for DjVu is enabled (natively supported by MediaWiki) or PDF file upload support is enabled (in combination with the PdfHandler extension). Neither file type is enabled by default in MediaWiki installations. If you are affected, we strongly urge you to update immediately.

• Update to the latest version of MediaWiki.

• • MediaWiki Security Releases: 1.22.2, 1.21.5 and 1.19.11

• 

• CVE-2014-1610

• CWE-20

• Code Execution Configuration Missing Update

• JIRA Security Advisory 2013-02-21
• DNS cache snooping
• Ruby on Rails database configuration file
• SharePoint user enumeration
• CodeIgniter weak encryption key