How severe is CVE-2025-32956?

This vulnerability has a severity rating of HIGH with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2025-32956?

This is classified as CWE-89, which is a common weakness in software security.

CVE-2025-32956 - HIGH Severity | CVSS 8

Vulnerability Description

ManageWiki is a MediaWiki extension allowing users to manage wikis. Versions before commit f504ed8, are vulnerable to SQL injection when renaming a namespace in Special:ManageWiki/namespaces when using a page prefix (namespace name, which is the current namespace you are renaming) with an injection payload. This issue has been patched in commit f504ed8. A workaround for this vulnerability involves setting `$wgManageWiki['namespaces'] = false;`.

Related Vulnerabilities

CVE-2015-10038

HIGH

CVSS:8.0(High)

A vulnerability was found in nym3r0s pplv2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named 28...

CWE-892015

CVE-2015-10039

HIGH

CVSS:8.0(High)

A vulnerability was found in dobos domino. It has been rated as critical. Affected by this issue is some unknown functionality in the library src/Complex.Domino.Lib/Lib/EntityFactory.cs. The manipulat...

CWE-892015

CVE-2015-8356

HIGH

CVSS:8.0(High)

Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admi...

CWE-892015

CVE-2018-16850

HIGH

CVSS:8.0(High)

postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can caus...

CWE-892018

CVE-2020-10802

HIGH

CVSS:8.0(High)

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search acti...

CWE-892020

CVE-2020-10804

HIGH

CVSS:8.0(High)

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/User...

CWE-892020