Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2013-2114

Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

  • Published: Nov 18, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-2114
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
mediawiki / mediawiki 1.19 1.19.x
mediawiki / mediawiki 1.19-beta_1 1.19-beta_1.x
mediawiki / mediawiki 1.20.5 1.20.5.x
mediawiki / mediawiki 1.20.1 1.20.1.x
mediawiki / mediawiki 1.19.3 1.19.3.x
mediawiki / mediawiki 1.19.1 1.19.1.x
mediawiki / mediawiki 1.20.4 1.20.4.x
mediawiki / mediawiki 1.20.2 1.20.2.x
mediawiki / mediawiki 1.19.6 1.19.6.x
mediawiki / mediawiki 1.20.3 1.20.3.x
mediawiki / mediawiki 1.19-beta_2 1.19-beta_2.x
mediawiki / mediawiki 1.19.5 1.19.5.x
mediawiki / mediawiki 1.19.0 1.19.0.x
mediawiki / mediawiki 1.19.4 1.19.4.x
mediawiki / mediawiki 1.19.2 1.19.2.x