Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokuwiki dokuwiki 2006-03-05 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2006-5098
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e allows remote malicious users to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
668
VMScore
CVE-2006-5099
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
383
VMScore
CVE-2011-2510
Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki prior to 2011-05-25a Rincewind allows remote malicious users to inject arbitrary web script or HTML via a link.
Dokuwiki Dokuwiki 2008-05-05
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2009-02-14b
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2009-12-25c
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-11-06
Dokuwiki Dokuwiki 2007-06-26
Dokuwiki Dokuwiki 2005-07-01
505
VMScore
CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
1 EDB exploit
755
VMScore
CVE-2010-0288
A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
1 EDB exploit
605
VMScore
CVE-2010-0289
Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25c allow remote malicious users to hijack the authentication of administrators for requests that modify access control rules, and other unspec...
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
383
VMScore
CVE-2012-0283
Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki prior to 2012-01-25b allows remote malicious users to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php.
Andreas Gohr Dokuwiki 2006-11-06
Andreas Gohr Dokuwiki 2006-03-05
Andreas Gohr Dokuwiki 2011-05-25
Andreas Gohr Dokuwiki 2011-05-25c
Andreas Gohr Dokuwiki 2005-09-22
Andreas Gohr Dokuwiki 2005-07-01
Andreas Gohr Dokuwiki 2010-11-07a
Andreas Gohr Dokuwiki 2009-12-25c
Andreas Gohr Dokuwiki 2009-02-14b
Andreas Gohr Dokuwiki 2012-01-25
Andreas Gohr Dokuwiki 2005-09-19
Andreas Gohr Dokuwiki 2011-05-25a
Andreas Gohr Dokuwiki 2006-03-09
Andreas Gohr Dokuwiki 2008-05-05
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki 2007-06-26
Andreas Gohr Dokuwiki 2007-07-13
383
VMScore
CVE-2006-1165
Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki prior to 2006-03-05 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-10-19
668
VMScore
CVE-2006-2878
The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and previous versions allows remote malicious users to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with the /e (exe...
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2004-08-15a
356
VMScore
CVE-2006-2945
Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated users to read unauthorized files via unknown attack vectors.
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2004-08-15a
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »