Lucene search
K

269 matches found

Nuclei
Nuclei
added yesterday9 views

DokuWiki <= 2025-05-14a Librarian - Reflected Cross-Site Scripting

DokuWiki 2025-05-14a 'Librarian' contains a stored XSS caused by improper sanitization of the 'q' parameter, letting remote attackers execute arbitrary scripts, exploit requires no special privileges. id: CVE-2025-61224 info: name: DokuWiki = 2025-05-14a Librarian - Reflected Cross-Site Scripting...

6.5CVSS6.3AI score0.01272EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40863

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to execute arbitrary code via the register function in inc/auth.php...

9.8CVSS6.2AI score0.0051EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 10:16 p.m.12 views

CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

9.8CVSS0.0051EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 10:16 p.m.5 views

UBUNTU-CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

9.8CVSS6.1AI score0.0051EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54001

Name of the Vulnerable Software and Affected Versions DokuWiki version 2025-05-14b "Librarian" 56.2 Description A remote attacker can execute arbitrary code through the register function in the inc/auth.php file. This issue may also allow the creation of unauthorized accounts via the same functio...

9.8CVSS6.3AI score0.0051EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/30 12:0 a.m.24 views

CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

0.0051EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 12:0 a.m.25 views

CVE-2026-37106

CVE-2026-37106 affects DokuWiki (version 2025-05-14b “Librarian” 56.2) where the register function in inc/auth.php can be abused by a remote attacker to create new user accounts. Some sources additionally indicate potential arbitrary code execution via this path; the vendor notes this may reflect...

9.8CVSS5.8AI score0.0051EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 12:0 a.m.6 views

CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

5.8AI score0.0051EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-26477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Dokuwiki v.2025-05-14b Librarian 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/03 3:30 p.m.6 views

EUVD-2026-18657

An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References2
NVD
NVD
added 2026/04/03 3:16 p.m.6 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS0.00452EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/04/03 3:16 p.m.7 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References2
OSV
OSV
added 2026/04/03 3:16 p.m.7 views

UBUNTU-CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/03 12:0 a.m.3 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/03 12:0 a.m.4 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

4.3CVSS5.9AI score0.00452EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/03 12:0 a.m.32 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

4.3CVSS0.00452EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.6 views

PT-2026-30048

Name of the Vulnerable Software and Affected Versions Dokuwiki version 2025-05-14b Description A flaw exists in Dokuwiki version 2025-05-14b 'Librarian' that could allow a remote attacker to cause a denial of service. The issue is related to the media upload xhr function within the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References5
CVE
CVE
added 2026/04/03 12:0 a.m.17 views

CVE-2026-26477

Summary: CVE-2026-26477 affects Dokuwiki (version 2025-05-14b, Librarian). The vulnerability arises in the media_upload_xhr() function within media.php, enabling a remote attacker to cause a denial of service. Affected component: Dokuwiki media handling, specifically media.php’s media_upload_xhr(...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/04/03 12:0 a.m.5 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.4AI score0.00452EPSS
Exploits1
OSV
OSV
added 2026/04/03 12:0 a.m.1 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

4.3CVSS6AI score0.00452EPSS
Exploits1References4
Rows per page
Query Builder