Approved changes feed: RSS · Atom
cpe:2.3:a:mediawiki:mediawiki:1.6.5_r14348:*:*:*:*:*:*:*
part: a version: 1.6.5_r14348 update: *
| Vendor | Mediawiki (cdb1ca1d-4622-5407-a7d8-3e891579b8c5) |
|---|---|
| Product | Mediawiki (ab97168e-95e7-5d6e-a2ac-f8d27117dc4d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/wikimedia/mediawiki |
purl2cpe | 2026-06-01 10:10:57.707578 |
pkg:wikimedia/mediawiki |
purl2cpe | 2026-06-01 10:10:57.707580 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2011-0047 |
vulnerable | 2026-06-03 14:30:46.416615 |
Details available
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability."
Published: 2011-02-04T00:00:00.000Z
Updated: 2024-08-06T21:43:14.184Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-0003 |
vulnerable | 2026-06-03 14:30:45.818278 |
Details available
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors.
Published: 2011-01-11T01:00:00.000Z
Updated: 2024-08-06T21:36:02.223Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-0894 |
vulnerable | 2026-06-03 14:27:58.331682 |
Details available
MediaWiki before 1.9.2 allows remote attackers to obtain sensitive information via a direct request to (1) Simple.deps.php, (2) MonoBook.deps.php, (3) MySkin.deps.php, or (4) Chick.deps.php in wiki/skins, which shows the installation path in the resulting error message.
Published: 2007-02-12T23:00:00.000Z
Updated: 2024-08-07T12:34:21.192Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-0177 |
vulnerable | 2026-06-03 14:27:56.179991 |
Details available
Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2007-01-11T00:00:00.000Z
Updated: 2024-08-07T12:12:17.283Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-2895 |
vulnerable | 2026-06-03 14:27:33.473403 |
Details available
Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to versions before 1.6.7 allows remote attackers to inject arbitrary HTML and web script via the edit form.
Published: 2006-06-07T10:00:00.000Z
Updated: 2024-08-07T18:06:26.970Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.