269 matches found
DokuWiki <= 2025-05-14a Librarian - Reflected Cross-Site Scripting
DokuWiki 2025-05-14a 'Librarian' contains a stored XSS caused by improper sanitization of the 'q' parameter, letting remote attackers execute arbitrary scripts, exploit requires no special privileges. id: CVE-2025-61224 info: name: DokuWiki = 2025-05-14a Librarian - Reflected Cross-Site Scripting...
EUVD-2026-40863
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to execute arbitrary code via the register function in inc/auth.php...
CVE-2026-37106
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...
UBUNTU-CVE-2026-37106
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...
PT-2026-54001
Name of the Vulnerable Software and Affected Versions DokuWiki version 2025-05-14b "Librarian" 56.2 Description A remote attacker can execute arbitrary code through the register function in the inc/auth.php file. This issue may also allow the creation of unauthorized accounts via the same functio...
CVE-2026-37106
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...
CVE-2026-37106
CVE-2026-37106 affects DokuWiki (version 2025-05-14b “Librarian” 56.2) where the register function in inc/auth.php can be abused by a remote attacker to create new user accounts. Some sources additionally indicate potential arbitrary code execution via this path; the vendor notes this may reflect...
CVE-2026-37106
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...
Linux Distros Unpatched Vulnerability : CVE-2026-26477
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Dokuwiki v.2025-05-14b Librarian 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
EUVD-2026-18657
An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
UBUNTU-CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
PT-2026-30048
Name of the Vulnerable Software and Affected Versions Dokuwiki version 2025-05-14b Description A flaw exists in Dokuwiki version 2025-05-14b 'Librarian' that could allow a remote attacker to cause a denial of service. The issue is related to the media upload xhr function within the media.php file...
CVE-2026-26477
Summary: CVE-2026-26477 affects Dokuwiki (version 2025-05-14b, Librarian). The vulnerability arises in the media_upload_xhr() function within media.php, enabling a remote attacker to cause a denial of service. Affected component: Dokuwiki media handling, specifically media.php’s media_upload_xhr(...
CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...