Skip to main content
CVE-2013-4301 MEDIUM POC This Month

includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to obtain sensitive information via a "<". Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Mediawiki
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-4122 MEDIUM POC This Month

Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Cyrus Sasl
NVD
CVSS 2.0
4.3
EPSS
1.2%
CVE-2013-0337 HIGH This Week

The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Nginx
NVD
CVSS 2.0
7.5
EPSS
0.9%
CVE-2013-4428 LOW POC PATCH Monitor

OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Privilege Escalation Glance Ubuntu Linux
NVD
CVSS 2.0
3.5
EPSS
0.3%
CVE-2013-4302 MEDIUM PATCH This Month

(1) ApiBlock.php, (2) ApiCreateAccount.php, (3) ApiLogin.php, (4) ApiMain.php, (5) ApiQueryDeletedrevs.php, (6) ApiTokens.php, and (7) ApiUnblock.php in includes/api/ in MediaWiki 1.19.x before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

PHP Privilege Escalation CSRF Mediawiki
NVD
CVSS 2.0
5.0
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy