MediaWiki Thumb.php Remote Command Execution Exploit

MediaWiki with DjVU or PDF file upload allows a remote attackers to execute arbitrary commands by exploting a bug in the with parameter in thumb.php while previewing the uploaded file.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2014-1610
Product Version: 
2014_R2
Released Date: 
Friday, October 3, 2014 - 00:00