5 matches found
[SECURITY] [DLA 1413-1] dokuwiki security update
Package : dokuwiki Version : 0.0.20140505.a+dfsg-4+deb8u1 CVE ID : CVE-2017-18123 Debian Bug : 889281 The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to...
CVE-2017-18123
The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs...
CVE-2017-18123
The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs...
CVE-2017-18123
CVE-2017-18123 affects DokuWiki up to version 2017-02-19e. The vulnerability stems from improper encoding of user input in the call parameter of /lib/exe/ajax.php, enabling a reflected file download that allows an attacker to trigger execution of arbitrary programs on the server. The issue is des...
CVE-2017-18123
The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs...