Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokuwiki dokuwiki vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1960
inc/init.php in DokuWiki 2009-02-14, rc2009-02-06, and rc2009-01-30, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via the config_cascade[main][default][] parameter to doku.php. NOTE: PHP remote file inclusion is also...
Dokuwiki Dokuwiki Rc2009-02-06
Dokuwiki Dokuwiki 2009-02-14
Dokuwiki Dokuwiki Rc2009-01-30
2 EDB exploits
NA
CVE-2007-3930
Interpretation conflict between Microsoft Internet Explorer and DocuWiki prior to 2007-06-26b allows remote malicious users to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in l...
Wiki Dokuwiki
Microsoft Internet Explorer
NA
CVE-2006-6965
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged...
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
NA
CVE-2006-5098
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e allows remote malicious users to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
NA
CVE-2006-5099
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert.
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
NA
CVE-2006-4674
Direct static code injection vulnerability in doku.php in DokuWiki prior to 2006-030-09c allows remote malicious users to execute arbitrary PHP code via the X-FORWARDED-FOR HTTP header, which is stored in config.php.
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-11-01
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-07-12
NA
CVE-2006-4675
Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki prior to 2006-03-09c allows remote malicious users to upload executable files into the data/media folder via unspecified vectors.
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-10-19
Andreas Gohr Dokuwiki Release 2004-11-01
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-07-12
NA
CVE-2006-4679
DokuWiki prior to 2006-03-09c enables the debug feature by default, which allows remote malicious users to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug".
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-10-19
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-07-12
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-01-15
NA
CVE-2006-2945
Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated users to read unauthorized files via unknown attack vectors.
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-07-12
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2004-07-21
NA
CVE-2006-2878
The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and previous versions allows remote malicious users to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with the /e (exe...
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-07-12
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2004-07-21
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »