Lookup for vulnerabilities affecting packages.
| Vulnerability_id | VCID-wczj-zjje-myfg |
|---|
| Summary | |
|---|
| Aliases |
|
|---|
| Fixed_packages |
|
|---|
| Affected_packages |
|
|---|
| References |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
|---|
| Weaknesses |
|
|---|
| Exploits |
| 0 |
| date_added |
null |
| description |
MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before 1.19.11,
when DjVu or PDF file upload support is enabled, allows remote unauthenticated
users to execute arbitrary commands via shell metacharacters. If no target file
is specified this module will attempt to log in with the provided credentials to
upload a file (.DjVu) to use for exploitation. |
| required_action |
null |
| due_date |
null |
| notes |
Reliability:
- unknown-reliability
Stability:
- unknown-stability
SideEffects:
- unknown-side-effects
|
| known_ransomware_campaign_use |
false |
| source_date_published |
2014-01-28 |
| exploit_type |
null |
| platform |
PHP,Unix,Windows |
| source_date_updated |
null |
| data_source |
Metasploit |
| source_url |
https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/http/mediawiki_thumb.rb |
|
| 1 |
| date_added |
2014-02-01 |
| description |
MediaWiki 1.22.1 PdfHandler - Remote Code Execution |
| required_action |
null |
| due_date |
null |
| notes |
null |
| known_ransomware_campaign_use |
true |
| source_date_published |
2014-02-01 |
| exploit_type |
webapps |
| platform |
multiple |
| source_date_updated |
2014-02-01 |
| data_source |
Exploit-DB |
| source_url |
|
|
|
|---|
| Severity_range_score | null |
|---|
| Exploitability | null |
|---|
| Weighted_severity | null |
|---|
| Risk_score | null |
|---|
| Resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-wczj-zjje-myfg |
|---|