CVE-2010-2789Code Injection in Mediawiki

CWE-94Code Injection3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
0.5%
top 32.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
MediawikiDebian Mediawiki
Timeline
PublishedApr 27
Latest updateMay 17

Description

PHP remote file inclusion vulnerability in MediaWikiParserTest.php in MediaWiki 1.16 beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via unspecified vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

Patches

Patch: lists.wikimedia.orgPatch: lists.wikimedia.org

🔴Vulnerability Details

1
GHSA
GHSA-rgj5-q943-hjw8: PHP remote file inclusion vulnerability in MediaWikiParserTest2022-05-17

📋Vendor Advisories

1
Debian
CVE-2010-2789: mediawiki - PHP remote file inclusion vulnerability in MediaWikiParserTest.php in MediaWiki ...2010
CVE-2010-2789 — Code Injection in Mediawiki | cvebase