Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokuwiki dokuwiki vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-2129
Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote malicious users to inject arbitrary web script or HTML via the target parameter in an edit action.
Andreas Gohr Dokuwiki 2012-01-25
4.3
CVSSv2
CVE-2012-0283
Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki prior to 2012-01-25b allows remote malicious users to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php.
Andreas Gohr Dokuwiki 2006-11-06
Andreas Gohr Dokuwiki 2006-03-05
Andreas Gohr Dokuwiki 2011-05-25
Andreas Gohr Dokuwiki 2011-05-25c
Andreas Gohr Dokuwiki 2005-09-22
Andreas Gohr Dokuwiki 2005-07-01
Andreas Gohr Dokuwiki 2010-11-07a
Andreas Gohr Dokuwiki 2009-12-25c
Andreas Gohr Dokuwiki 2009-02-14b
Andreas Gohr Dokuwiki 2012-01-25
Andreas Gohr Dokuwiki 2005-09-19
Andreas Gohr Dokuwiki 2011-05-25a
Andreas Gohr Dokuwiki 2006-03-09
Andreas Gohr Dokuwiki 2008-05-05
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki 2007-06-26
Andreas Gohr Dokuwiki 2007-07-13
4.3
CVSSv2
CVE-2011-2510
Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki prior to 2011-05-25a Rincewind allows remote malicious users to inject arbitrary web script or HTML via a link.
Dokuwiki Dokuwiki 2008-05-05
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2009-02-14b
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2009-12-25c
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-11-06
Dokuwiki Dokuwiki 2007-06-26
Dokuwiki Dokuwiki 2005-07-01
4.3
CVSSv2
CVE-2007-3930
Interpretation conflict between Microsoft Internet Explorer and DocuWiki prior to 2007-06-26b allows remote malicious users to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in l...
Microsoft Internet Explorer
Wiki Dokuwiki
4.3
CVSSv2
CVE-2006-6965
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged...
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
4.3
CVSSv2
CVE-2006-1165
Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki prior to 2006-03-05 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-10-19
4
CVSSv2
CVE-2006-2945
Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated users to read unauthorized files via unknown attack vectors.
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2004-08-15a
3.5
CVSSv2
CVE-2017-15214
Stored XSS vulnerability in Flyspray 1.0-rc4 prior to 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users (including unauthenticated users), via the name, title, or id parameter to plugins/d...
Flyspray Flyspray 1.0
NA
CVE-2024-33103
An arbitrary file upload vulnerability in the Media Manager component of DokuWiki 2024-02-06a allows malicious users to execute arbitrary code by uploading a crafted SVG file. NOTE: as noted in the 4267 issue reference, there is a position that exploitability can only occur with ...
NA
CVE-2023-34408
DokuWiki prior to 2023-04-04a allows XSS via RSS titles.
Dokuwiki Dokuwiki
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »