Lucene search
MitreCVELIST:CVE-2014-9253HistoryDec 17, 2014 - 6:00 p.m.
CVE-2014-9253
2014-12-1718:00:00
mitre
www.cve.org
6
The default file type whitelist configuration in conf/mime.conf in the Media Manager in DokuWiki before 2014-09-29b allows remote attackers to execute arbitrary web script or HTML by uploading an SWF file, then accessing it via the media parameter to lib/exe/fetch.php.
References
advisories.mageia.org/MGASA-2014-0540.html
seclists.org/oss-sec/2014/q4/1050
security.szurek.pl/dokuwiki-20140929a-xss.html
www.securityfocus.com/bid/71671
www.securitytracker.com/id/1031369
exchange.xforce.ibmcloud.com/vulnerabilities/99291
github.com/splitbrain/dokuwiki/commit/778ddf6f2cd9ed38b9db2d73e823b8c21243a960
www.dokuwiki.org/changes
Related
ubuntucve
ubuntucve
CVE-2014-9253
2014-12-17 00:00:00
prion
prion
Default credentials
2014-12-17 18:59:00
cve
cve
CVE-2014-9253
2014-12-17 18:59:02
archlinux
archlinux
dokuwiki: cross-site scripting
2014-12-16 00:00:00
mageia
mageia
Updated docuwiki package fixes CVE-2014-9253
2014-12-19 18:17:07
nvd
nvd
CVE-2014-9253
2014-12-17 18:59:02
debiancve
debiancve
CVE-2014-9253
2014-12-17 18:59:02
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0540)
2022-01-28 00:00:00
Fedora Update for dokuwiki FEDORA-2015-3186
2015-03-27 00:00:00
Fedora Update for dokuwiki FEDORA-2015-3211
2015-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: dokuwiki-0-0.24.20140929c.fc21
2015-03-26 21:44:25
[SECURITY] Fedora 22 Update: dokuwiki-0-0.24.20140929c.fc22
2015-03-26 22:07:58
[SECURITY] Fedora 20 Update: dokuwiki-0-0.24.20140929c.fc20
2015-03-26 21:39:47
nessus
nessus
Fedora 21 : dokuwiki-0-0.24.20140929c.fc21 (2015-3186)
2015-03-27 00:00:00
Fedora 22 : dokuwiki-0-0.24.20140929c.fc22 (2015-3079)
2015-03-27 00:00:00
Fedora 20 : dokuwiki-0-0.24.20140929c.fc20 (2015-3211)
2015-03-27 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:185 ] dokuwiki
2015-05-12 00:00:00