info
discussion
exploit
solution
references
MediaWiki Remote Arbitrary Script Upload Vulnerability
An exploit is not required.
The following proof of concept is available:
Script file name:
attack.php.rar
Privacy Statement
Copyright 2010, SecurityFocus
