CVE-2006-4674
CVE-2006-4674 concerns DokuWiki prior to 2006-03-09c. A direct static code injection flaw in the script doku.php allows remote attackers to execute arbitrary PHP code by supplying a crafted X-FORWARDED-FOR HTTP header, which is stored in config.php. The vulnerability is characterized by an attack...