DokuWiki doku.php file cross-site scripting vulnerability

DokuWiki is a German software developer Andreas Gohr developed a PHP-based Wiki engine , it is mainly used for small and medium-sized team and personal website knowledge base management , and provides version control , full-text search and permission control and other functions . A cross-site...

CVE-2017-12583

DokuWiki through 2017-02-19b has XSS in the at parameter aka the DATEAT variable to doku.php...

CVE-2017-12583

DokuWiki through 2017-02-19b has XSS in the at parameter aka the DATEAT variable to doku.php...

CVE-2017-12583

DokuWiki through 2017-02-19b has XSS in the at parameter aka the DATEAT variable to doku.php...

DEBIAN-CVE-2012-2128

Cross-site request forgery CSRF vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is resultant from CVE-2012-2129...

CVE-2006-4674

CVE-2006-4674 concerns DokuWiki prior to 2006-03-09c. A direct static code injection flaw in the script doku.php allows remote attackers to execute arbitrary PHP code by supplying a crafted X-FORWARDED-FOR HTTP header, which is stored in config.php. The vulnerability is characterized by an attack...