- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24994
- Проверка EDB
-
- Пройдено
- Автор
- JEREMY BAE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2004-1405
- Дата публикации
- 2004-12-16
MediaWiki 1.3.x - Arbitrary Script Upload
Код:
source: https://www.securityfocus.com/bid/11985/info
MediaWiki is reported prone to a vulnerability that can allow a remote attacker to upload arbitrary PHP scripts to a vulnerable server. This issue results from insufficient sanitization of user-supplied input.
If successful, the attacker can execute arbitrary script code on a vulnerable server. This can lead to unauthorized access in the context of the application.
MediaWiki 1.3.8 and prior versions are affected by this issue.
Script file name:
attack.php.rar- Источник
- www.exploit-db.com
