Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/31 3:19 a.m.6 views

CVE-2025-51958

aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated attackers to execute arbitrary system commands via lib/plugins/runcommand/postaction.php...

9.8CVSS6.2AI score0.00582EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/30 12:0 a.m.5 views

CVE-2025-51958

aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated attackers to execute arbitrary system commands via lib/plugins/runcommand/postaction.php...

6.2AI score0.00582EPSS
Exploits0References3
CVE
CVE
added 2026/01/30 12:0 a.m.14 views

CVE-2025-51958

CVE-2025-51958 affects the aelsantex runcommand plugin for DokuWiki, where an unauthenticated user can execute arbitrary system commands via lib/plugins/runcommand/postaction.php. The issue stems from the plugin allowing command execution without authentication, enabling an attacker to run comman...

9.8CVSS6.2AI score0.00582EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2025-61224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'56.1 allows a remote attacker to execute arbitrary code via the q parameter CVE-2025-61224...

6.5CVSS6.2AI score0.01272EPSS
Exploits0References3
OSV
OSV
added 2025/10/06 4:15 p.m.2 views

CVE-2025-61224

Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'56.1 allows a remote attacker to execute arbitrary code via the q parameter...

6.5CVSS6.2AI score0.01272EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/04 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2011-3727

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DokuWiki 2009-12-25c allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an erro...

5CVSS5.8AI score0.01952EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-12980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DokuWiki through 2017-02-19c has stored XSS when rendering a malicious RSS or Atom feed, in /inc/parser/xhtml.php. An attacker can create or edit a wiki that us...

6.1CVSS6.7AI score0.01372EPSS
Exploits1References2
OSV
OSV
added 2014/12/17 6:59 p.m.3 views

DEBIAN-CVE-2014-9253

The default file type whitelist configuration in conf/mime.conf in the Media Manager in DokuWiki before 2014-09-29b allows remote attackers to execute arbitrary web script or HTML by uploading an SWF file, then accessing it via the media parameter to lib/exe/fetch.php...

4.3CVSS6.8AI score0.02365EPSS
Exploits0References1
Rows per page
Query Builder