Category:Extensions with SQL injection vulnerabilities

From MediaWiki.org

Jump to: navigation, search

These extensions are known to contain SQL injection attack vulnerabilities, because it passes user input directly into SQL commands. This may lead to user accounts being hijacked, wiki content being compromised, private data being leaked, malware being injected, and the entire wiki content being erased, among other things.

It is advised that these extensions are updated to make proper use of MediaWiki's database class instead of concatenating raw SQL.

To add an extension to this list, tag it with {{SQL injection alert}}.

Pages in category "Extensions with SQL injection vulnerabilities"

The following 6 pages are in this category, out of 6 total.

A

C

Extension:Coppermine

H

Extension:Hierachy of categories

P

Extension:PasswordProtected

W

Project:WikiProject Extensions/Projects/Page Drive/After

Retrieved from "http://www.mediawiki.org/w/index.php?title=Category:Extensions_with_SQL_injection_vulnerabilities&oldid=486084"

Extensions with security vulnerabilities