15 matches found
Debian: Security Advisory (DSA-1976-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DokuWiki Multiple CSRF Vulnerabilities
Dokuwiki is prone to multiple Cross Site Scripting vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. dot dot in the ns parameter...
CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. dot dot in the ns parameter...
CVE-2010-0288
A typo in the administrator permission check in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010...
CVE-2010-0288
A typo in the administrator permission check in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010...
UBUNTU-CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. dot dot in the ns parameter...
DEBIAN-CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. dot dot in the ns parameter...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control rules, and other unspecified requests, via unknown...
CVE-2010-0289
Multiple cross-site request forgery CSRF vulnerabilities in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control rules, and other unspecified requests, via unknown...
DEBIAN-CVE-2010-0289
Multiple cross-site request forgery CSRF vulnerabilities in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control rules, and other unspecified requests, via unknown...
CVE-2010-0287
Summary (CVE-2010-0287): A directory-traversal in DokuWiki’s ACL Manager plugin (plugins/acl/ajax.php) allows remote listing of arbitrary directories via a .. in the ns parameter. Affected: DokuWiki prior to the 2009-12-25b release. CVSS-like context from OpenVAS lists base 7.5 (vector AV:N/AC:L/...
CVE-2010-0289
Multiple cross-site request forgery CSRF vulnerabilities in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control rules, and other unspecified requests, via unknown...
CVE-2010-0289
CVE-2010-0289 stems from CSRF flaws in DokuWiki’s ACL Manager plugin (plugins/acl/ajax.php). The vulnerabilities can allow an attacker to hijack an administrator’s session and modify access-control rules via unspecified vectors. Public details point to multiple CVEs in DokuWiki and advise upgradi...
[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1976-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 22, 2010 http://www.debian.org/security/faq -...