Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokuwiki dokuwiki 2006-03-09e vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6965
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged...
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
NA
CVE-2006-5099
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
NA
CVE-2006-5098
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e allows remote malicious users to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
NA
CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
1 EDB exploit
NA
CVE-2010-0288
A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
1 EDB exploit
NA
CVE-2010-0289
Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25c allow remote malicious users to hijack the authentication of administrators for requests that modify access control rules, and other unspec...
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started