Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andreas gohr vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-2128
Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote malicious users to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is res...
Andreas Gohr Dokuwiki 2012-01-25
NA
CVE-2012-2129
Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote malicious users to inject arbitrary web script or HTML via the target parameter in an edit action.
Andreas Gohr Dokuwiki 2012-01-25
NA
CVE-2012-0283
Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki prior to 2012-01-25b allows remote malicious users to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php.
Andreas Gohr Dokuwiki 2011-05-25c
Andreas Gohr Dokuwiki 2012-01-25
Andreas Gohr Dokuwiki 2007-06-26
Andreas Gohr Dokuwiki 2006-11-06
Andreas Gohr Dokuwiki 2010-11-07a
Andreas Gohr Dokuwiki 2009-12-25c
Andreas Gohr Dokuwiki 2005-09-22
Andreas Gohr Dokuwiki 2005-09-19
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki 2009-02-14b
Andreas Gohr Dokuwiki 2008-05-05
Andreas Gohr Dokuwiki 2007-07-13
Andreas Gohr Dokuwiki 2005-07-01
Andreas Gohr Dokuwiki 2011-05-25a
Andreas Gohr Dokuwiki 2011-05-25
Andreas Gohr Dokuwiki 2006-03-09
Andreas Gohr Dokuwiki 2006-03-05
NA
CVE-2006-6965
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged...
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
NA
CVE-2006-5098
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e allows remote malicious users to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
NA
CVE-2006-5099
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert.
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
NA
CVE-2006-4674
Direct static code injection vulnerability in doku.php in DokuWiki prior to 2006-030-09c allows remote malicious users to execute arbitrary PHP code via the X-FORWARDED-FOR HTTP header, which is stored in config.php.
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-11-01
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-07-12
NA
CVE-2006-4679
DokuWiki prior to 2006-03-09c enables the debug feature by default, which allows remote malicious users to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug".
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-10-19
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-07-12
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-01-15
NA
CVE-2006-4675
Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki prior to 2006-03-09c allows remote malicious users to upload executable files into the data/media folder via unspecified vectors.
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-10-19
Andreas Gohr Dokuwiki Release 2004-11-01
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-07-12
NA
CVE-2006-2945
Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated users to read unauthorized files via unknown attack vectors.
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-07-12
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2004-07-21
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »