Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokuwiki dokuwiki 2006-03-09 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2006-6965
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged...
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
445
VMScore
CVE-2006-5098
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e allows remote malicious users to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
668
VMScore
CVE-2006-5099
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
383
VMScore
CVE-2011-2510
Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki prior to 2011-05-25a Rincewind allows remote malicious users to inject arbitrary web script or HTML via a link.
Dokuwiki Dokuwiki 2008-05-05
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2009-02-14b
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2009-12-25c
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-11-06
Dokuwiki Dokuwiki 2007-06-26
Dokuwiki Dokuwiki 2005-07-01
505
VMScore
CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
1 EDB exploit
755
VMScore
CVE-2010-0288
A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
1 EDB exploit
605
VMScore
CVE-2010-0289
Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25c allow remote malicious users to hijack the authentication of administrators for requests that modify access control rules, and other unspec...
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
383
VMScore
CVE-2012-0283
Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki prior to 2012-01-25b allows remote malicious users to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php.
Andreas Gohr Dokuwiki 2006-11-06
Andreas Gohr Dokuwiki 2006-03-05
Andreas Gohr Dokuwiki 2011-05-25
Andreas Gohr Dokuwiki 2011-05-25c
Andreas Gohr Dokuwiki 2005-09-22
Andreas Gohr Dokuwiki 2005-07-01
Andreas Gohr Dokuwiki 2010-11-07a
Andreas Gohr Dokuwiki 2009-12-25c
Andreas Gohr Dokuwiki 2009-02-14b
Andreas Gohr Dokuwiki 2012-01-25
Andreas Gohr Dokuwiki 2005-09-19
Andreas Gohr Dokuwiki 2011-05-25a
Andreas Gohr Dokuwiki 2006-03-09
Andreas Gohr Dokuwiki 2008-05-05
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki 2007-06-26
Andreas Gohr Dokuwiki 2007-07-13
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started