Lucene search
K

696 matches found

Nuclei
Nuclei
added yesterday9 views

DokuWiki <= 2025-05-14a Librarian - Reflected Cross-Site Scripting

DokuWiki 2025-05-14a 'Librarian' contains a stored XSS caused by improper sanitization of the 'q' parameter, letting remote attackers execute arbitrary scripts, exploit requires no special privileges. id: CVE-2025-61224 info: name: DokuWiki = 2025-05-14a Librarian - Reflected Cross-Site Scripting...

6.5CVSS6.3AI score0.01272EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday63 views

DokuWiki - Cross-Site Scripting

DokuWiki through 2017-02-19b contains a cross-site scripting vulnerability in the DATEAT parameter to doku.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...

6.1CVSS6.9AI score0.03253EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/07/02 3:37 p.m.7 views

CVE-2026-37106

A flaw was found in DokuWiki. A remote attacker can create an account through the registration function. This occurs when the DokuWiki instance is configured to allow self-registration, which is not the default setting. This could lead to the creation of unauthorized user accounts. Mitigation To...

9.8CVSS5.8AI score0.0051EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40863

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to execute arbitrary code via the register function in inc/auth.php...

9.8CVSS6.2AI score0.0051EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 10:16 p.m.12 views

CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

9.8CVSS0.0051EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 10:16 p.m.4 views

UBUNTU-CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

9.8CVSS6.1AI score0.0051EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54001

Name of the Vulnerable Software and Affected Versions DokuWiki version 2025-05-14b "Librarian" 56.2 Description A remote attacker can execute arbitrary code through the register function in the inc/auth.php file. This issue may also allow the creation of unauthorized accounts via the same functio...

9.8CVSS6.3AI score0.0051EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/30 12:0 a.m.24 views

CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

0.0051EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 12:0 a.m.25 views

CVE-2026-37106

CVE-2026-37106 affects DokuWiki (version 2025-05-14b “Librarian” 56.2) where the register function in inc/auth.php can be abused by a remote attacker to create new user accounts. Some sources additionally indicate potential arbitrary code execution via this path; the vendor notes this may reflect...

9.8CVSS5.8AI score0.0051EPSS
Exploits0References3
Fedora
Fedora
added 2026/04/30 1:21 a.m.10 views

[SECURITY] Fedora 43 Update: dokuwiki-20250514b-3.fc43

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creati ng documentation of any kind. It has a simple but powerful syntax which makes su re the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

7.5CVSS5.3AI score0.00452EPSS
Exploits1
Fedora
Fedora
added 2026/04/30 12:54 a.m.11 views

[SECURITY] Fedora 44 Update: dokuwiki-20250514b-5.fc44

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creati ng documentation of any kind. It has a simple but powerful syntax which makes su re the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

7.5CVSS5.3AI score0.00452EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.6 views

Fedora 43 : dokuwiki (2026-511c8bd939)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-511c8bd939 advisory. Add a patch for CVE-2026-26477 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

7.5CVSS5.5AI score0.00452EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

Fedora 44 : dokuwiki (2026-e1f1cff72a)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e1f1cff72a advisory. Add a patch for CVE-2026-26477 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

7.5CVSS5.5AI score0.00452EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-26477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Dokuwiki v.2025-05-14b Librarian 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/03 3:30 p.m.6 views

EUVD-2026-18657

An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/03 3:21 p.m.5 views

CVE-2026-26477

A flaw was found in Dokuwiki. A remote attacker can exploit this vulnerability by utilizing the mediauploadxhr function within the media.php file. This can lead to a denial of service DoS...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References2
NVD
NVD
added 2026/04/03 3:16 p.m.4 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS0.00452EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/04/03 3:16 p.m.7 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References2
OSV
OSV
added 2026/04/03 3:16 p.m.7 views

UBUNTU-CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.5 views

PT-2026-30048

Name of the Vulnerable Software and Affected Versions Dokuwiki version 2025-05-14b Description A flaw exists in Dokuwiki version 2025-05-14b 'Librarian' that could allow a remote attacker to cause a denial of service. The issue is related to the media upload xhr function within the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References5
Rows per page
Query Builder