Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

MediaWiki Multiple Remote Vulnerabilities (2) Vulnerability Scan

Vulnerability Scan Summary
Attempts to execute phpinfo() remotely

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a set of PHP scripts that allow an
attacker to execute arbitrary commands the remote host.

Description :

The remote host appears to be running a version of MediaWiki 1.5 older
than version 1.5.3. Due to improper sanitation of user-supplied
input, the installed version of MediaWiki allows an unauthenticated
remote attacker to execute arbitrary PHP and shell commands on the
remote host subject to the rights of the web server user id.

See also :


Upgrade to MediaWiki 1.5.3 or later.

Threat Level:

High / CVSS Base Score : 7.0

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.