Fedora 43 : dokuwiki (2026-511c8bd939)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-511c8bd939 advisory. Add a patch for CVE-2026-26477 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

runcommand security vulnerability

Runcommand is a plugin developed by aelsantex for DokuWiki users. The version released on April 1, 2014, contains a security vulnerability. This vulnerability stems from a flaw in the lib/plugins/runcommand/postaction.php file, which could allow unauthenticated attackers to execute arbitrary syst...

Fedora 44 : dokuwiki / php-php81_bc-strftime (2025-5c621a5a8a)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-5c621a5a8a advisory. - Initial build for PHP81BC\strftime - Update DokuWiki to version 2025-05-14b Librarian Tenable has extracted the preceding description block directly from t...

EUVD-2011-2495

Malware in sbrugna...

EUVD-2006-6948

Malware in sbrugna...

EUVD-2010-0318

Malware in sbrugna...

EUVD-2017-4497

Malware in sbrugna...

EUVD-2017-9258

Malware in sbrugna...

EUVD-2006-5083

Malware in sbrugna...

EUVD-2016-8812

Malware in sbrugna...

EUVD-2011-3685

Malware in sbrugna...

EUVD-2006-2942

Malware in sbrugna...

EUVD-2017-4498

Malware in sbrugna...

EUVD-2014-9078

Malware in sbrugna...

EUVD-2012-0319

Malware in sbrugna...

EUVD-2012-3331

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-7965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DokuWiki 2016-06-26a and older uses $SERVERHTTPHOST instead of the baseurl setting as part of the password-reset URL. This can lead to phishing attacks. A remot...

Linux Distros Unpatched Vulnerability : CVE-2017-18123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download...

Linux Distros Unpatched Vulnerability : CVE-2016-7964

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to...