Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokuwiki dokuwiki 2006-03-05 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-5098
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e allows remote malicious users to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
7.5
CVSSv2
CVE-2006-5099
lib/exec/fetch.php in DokuWiki prior to 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert.
Andreas Gohr Dokuwiki Release 2006-03-09
Andreas Gohr Dokuwiki Release 2006-03-09e
Andreas Gohr Dokuwiki Release 2006-03-05
4.3
CVSSv2
CVE-2011-2510
Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki prior to 2011-05-25a Rincewind allows remote malicious users to inject arbitrary web script or HTML via a link.
Dokuwiki Dokuwiki 2008-05-05
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2009-02-14b
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2009-12-25c
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-11-06
Dokuwiki Dokuwiki 2007-06-26
Dokuwiki Dokuwiki 2005-07-01
5
CVSSv2
CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
1 EDB exploit
7.5
CVSSv2
CVE-2010-0288
A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25b allows remote malicious users to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
1 EDB exploit
6.8
CVSSv2
CVE-2010-0289
Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki prior to 2009-12-25c allow remote malicious users to hijack the authentication of administrators for requests that modify access control rules, and other unspec...
Dokuwiki Dokuwiki
Dokuwiki Dokuwiki 2006-03-05
Dokuwiki Dokuwiki 2005-09-19
Dokuwiki Dokuwiki 2005-07-13
Dokuwiki Dokuwiki 2005-09-22
Dokuwiki Dokuwiki 2006-03-09
Dokuwiki Dokuwiki 2005-07-01
Dokuwiki Dokuwiki 2004-07-04
Dokuwiki Dokuwiki 2004-07-07
Dokuwiki Dokuwiki 2004-07-12
Dokuwiki Dokuwiki 2004-07-21
Dokuwiki Dokuwiki 2004-07-25
Dokuwiki Dokuwiki 2004-08-08
Dokuwiki Dokuwiki 2004-08-15a
Dokuwiki Dokuwiki 2004-08-22
Dokuwiki Dokuwiki 2004-09-12
Dokuwiki Dokuwiki 2004-09-25
Dokuwiki Dokuwiki 2004-09-30
Dokuwiki Dokuwiki 2004-11-01
Dokuwiki Dokuwiki 2004-11-02
Dokuwiki Dokuwiki 2004-11-10
Dokuwiki Dokuwiki 2005-01-14
4.3
CVSSv2
CVE-2012-0283
Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki prior to 2012-01-25b allows remote malicious users to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php.
Andreas Gohr Dokuwiki 2006-11-06
Andreas Gohr Dokuwiki 2006-03-05
Andreas Gohr Dokuwiki 2011-05-25
Andreas Gohr Dokuwiki 2011-05-25c
Andreas Gohr Dokuwiki 2005-09-22
Andreas Gohr Dokuwiki 2005-07-01
Andreas Gohr Dokuwiki 2010-11-07a
Andreas Gohr Dokuwiki 2009-12-25c
Andreas Gohr Dokuwiki 2009-02-14b
Andreas Gohr Dokuwiki 2012-01-25
Andreas Gohr Dokuwiki 2005-09-19
Andreas Gohr Dokuwiki 2011-05-25a
Andreas Gohr Dokuwiki 2006-03-09
Andreas Gohr Dokuwiki 2008-05-05
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki 2007-06-26
Andreas Gohr Dokuwiki 2007-07-13
4.3
CVSSv2
CVE-2006-1165
Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki prior to 2006-03-05 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-10-19
7.5
CVSSv2
CVE-2006-4675
Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki prior to 2006-03-09c allows remote malicious users to upload executable files into the data/media folder via unspecified vectors.
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2004-08-15a
5
CVSSv2
CVE-2006-4679
DokuWiki prior to 2006-03-09c enables the debug feature by default, which allows remote malicious users to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug".
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-01-16a
Andreas Gohr Dokuwiki Release 2004-09-12
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki
Andreas Gohr Dokuwiki Release 2005-09-22
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-15
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2006-03-05
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2004-08-15a
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »