Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokuwiki vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-2128
Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote malicious users to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is res...
Andreas Gohr Dokuwiki 2012-01-25
NA
CVE-2012-2129
Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote malicious users to inject arbitrary web script or HTML via the target parameter in an edit action.
Andreas Gohr Dokuwiki 2012-01-25
NA
CVE-2012-0283
Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki prior to 2012-01-25b allows remote malicious users to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php.
Andreas Gohr Dokuwiki 2011-05-25c
Andreas Gohr Dokuwiki 2012-01-25
Andreas Gohr Dokuwiki 2007-06-26
Andreas Gohr Dokuwiki 2006-11-06
Andreas Gohr Dokuwiki 2010-11-07a
Andreas Gohr Dokuwiki 2009-12-25c
Andreas Gohr Dokuwiki 2005-09-22
Andreas Gohr Dokuwiki 2005-09-19
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki 2009-02-14b
Andreas Gohr Dokuwiki 2008-05-05
Andreas Gohr Dokuwiki 2007-07-13
Andreas Gohr Dokuwiki 2005-07-01
Andreas Gohr Dokuwiki 2011-05-25a
Andreas Gohr Dokuwiki 2011-05-25
Andreas Gohr Dokuwiki 2006-03-09
Andreas Gohr Dokuwiki 2006-03-05
NA
CVE-2011-3727
DokuWiki 2009-12-25c allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/tpl/index.php and certain other files.
Dokuwiki Dokuwiki 2009-12-25c
NA
CVE-2011-2510
Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki prior to 2011-05-25a Rincewind allows remote malicious users to inject arbitrary web script or HTML via a link.
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2009-02-14b
Dokuwiki Dokuwiki 2008-05-05
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2009-12-25c
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2007-06-26
Dokuwiki Dokuwiki 2006-11-06
NA
CVE-2010-0288
A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2005-01-15
Dokuwiki Dokuwiki 2005-01-14
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2006-03-09e
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-02-18
Dokuwiki Dokuwiki 2005-02-06
Dokuwiki Dokuwiki 2005-01-16a
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki
1 EDB exploit
NA
CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2006-06-04
Dokuwiki Dokuwiki 2006-03-09e
Dokuwiki Dokuwiki 2005-05-07
Dokuwiki Dokuwiki 2005-02-18
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2005-02-06
Dokuwiki Dokuwiki 2005-01-16a
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-08-22
1 EDB exploit
NA
CVE-2010-0289
Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25c allow remote malicious users to hijack the authentication of administrators for requests that modify access control rules, and other unspec...
Dokuwiki Dokuwiki 2006-06-04
Dokuwiki Dokuwiki 2005-05-07
Dokuwiki Dokuwiki 2005-02-18
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2006-03-09e
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-02-06
Dokuwiki Dokuwiki 2005-01-16a
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki
NA
CVE-2009-1960
inc/init.php in DokuWiki 2009-02-14, rc2009-02-06, and rc2009-01-30, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via the config_cascade[main][default][] parameter to doku.php. NOTE: PHP remote file inclusion is also...
Dokuwiki Dokuwiki Rc2009-02-06
Dokuwiki Dokuwiki 2009-02-14
Dokuwiki Dokuwiki Rc2009-01-30
2 EDB exploits
NA
CVE-2007-3930
Interpretation conflict between Microsoft Internet Explorer and DocuWiki prior to 2007-06-26b allows remote malicious users to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in l...
Wiki Dokuwiki
Microsoft Internet Explorer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »