5 matches found
Updated dokuwiki packages fix security vulnerabilities
inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call CVE-2014-8761. The ajaxmediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access...
CVE-2014-8762
The ajaxmediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter...
CVE-2014-8762
DokuWiki is affected by CVE-2014-8762 (and related CVEs in the same update set). The issue: the ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter, and related failures (e.g., inc/template.php) disc...
CVE-2014-8762
The ajaxmediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter...
CVE-2014-8762
The ajaxmediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter...