Difference between revisions of "MediaWiki/Parser50"
From Nick Jenkins
(woplhzYuNPrz) |
m (Revert to non-vandal version.) |
||
Line 1: | Line 1: | ||
− | + | URL: | |
+ | <pre> | ||
+ | http://en.wikipedia.org/w/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto="><a href="ownage | ||
+ | </pre> | ||
+ | |||
+ | Alternate URL on a test wiki (replace IP address with appropriate details): | ||
+ | <pre> | ||
+ | http://192.168.0.64/wiki/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto="><a href="ownage | ||
+ | </pre> | ||
+ | |||
+ | Then login. | ||
+ | |||
+ | Output on a wiki showing errors: | ||
+ | <pre> | ||
+ | Fatal error: Call to a member function escapeFullURL() on a non-object in /var/www/hosts/mediawiki/phase3/includes/OutputPage.php on line 921 | ||
+ | </pre> | ||
+ | |||
+ | Output on the wikipedia: | ||
+ | Blank page (errors are being logged). | ||
+ | |||
+ | This test as a curl command line: | ||
+ | <pre> | ||
+ | curl --silent --include --cookie 'wikidb_session=1' -F 'wpName'='SOME_VALID_USERNAME' -F 'wpPassword'='SOME_VALID_PASSWORD' \ | ||
+ | '192.168.0.64/wiki/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto=<' | ||
+ | </pre> | ||
+ | |||
+ | Also seems to be reproducible without having to login: | ||
+ | <pre> | ||
+ | curl --silent --include \ | ||
+ | --cookie 'enwiki_session=1'\ | ||
+ | -F 'wpCookieCheck'=\ | ||
+ | -F 'returnto'='|'\ | ||
+ | 'en.wikipedia.org/w/index.php/Special:Userlogin' | ||
+ | </pre> |
Revision as of 22:16, 24 September 2009
URL:
http://en.wikipedia.org/w/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto="><a href="ownage
Alternate URL on a test wiki (replace IP address with appropriate details):
http://192.168.0.64/wiki/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto="><a href="ownage
Then login.
Output on a wiki showing errors:
Fatal error: Call to a member function escapeFullURL() on a non-object in /var/www/hosts/mediawiki/phase3/includes/OutputPage.php on line 921
Output on the wikipedia: Blank page (errors are being logged).
This test as a curl command line:
curl --silent --include --cookie 'wikidb_session=1' -F 'wpName'='SOME_VALID_USERNAME' -F 'wpPassword'='SOME_VALID_PASSWORD' \ '192.168.0.64/wiki/index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto=<'
Also seems to be reproducible without having to login:
curl --silent --include \ --cookie 'enwiki_session=1'\ -F 'wpCookieCheck'=\ -F 'returnto'='|'\ 'en.wikipedia.org/w/index.php/Special:Userlogin'