Lucene search
K

267 matches found

Nuclei
Nuclei
added 7 hours ago9 views

DokuWiki <= 2025-05-14a Librarian - Reflected Cross-Site Scripting

DokuWiki 2025-05-14a 'Librarian' contains a stored XSS caused by improper sanitization of the 'q' parameter, letting remote attackers execute arbitrary scripts, exploit requires no special privileges. id: CVE-2025-61224 info: name: DokuWiki = 2025-05-14a Librarian - Reflected Cross-Site Scripting...

6.5CVSS6.3AI score0.01272EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40863

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to execute arbitrary code via the register function in inc/auth.php...

9.8CVSS6.2AI score0.0051EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 10:16 p.m.12 views

CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

9.8CVSS0.0051EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 10:16 p.m.4 views

UBUNTU-CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

9.8CVSS6.1AI score0.0051EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54001

Name of the Vulnerable Software and Affected Versions DokuWiki version 2025-05-14b "Librarian" 56.2 Description A remote attacker can execute arbitrary code through the register function in the inc/auth.php file. This issue may also allow the creation of unauthorized accounts via the same functio...

9.8CVSS6.3AI score0.0051EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/30 12:0 a.m.24 views

CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

0.0051EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 12:0 a.m.25 views

CVE-2026-37106

CVE-2026-37106 affects DokuWiki (version 2025-05-14b “Librarian” 56.2) where the register function in inc/auth.php can be abused by a remote attacker to create new user accounts. Some sources additionally indicate potential arbitrary code execution via this path; the vendor notes this may reflect...

9.8CVSS5.8AI score0.0051EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-26477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Dokuwiki v.2025-05-14b Librarian 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/03 3:30 p.m.6 views

EUVD-2026-18657

An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References2
NVD
NVD
added 2026/04/03 3:16 p.m.6 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS0.00452EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/04/03 3:16 p.m.7 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References2
OSV
OSV
added 2026/04/03 3:16 p.m.7 views

UBUNTU-CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.5 views

PT-2026-30048

Name of the Vulnerable Software and Affected Versions Dokuwiki version 2025-05-14b Description A flaw exists in Dokuwiki version 2025-05-14b 'Librarian' that could allow a remote attacker to cause a denial of service. The issue is related to the media upload xhr function within the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/03 12:0 a.m.3 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/03 12:0 a.m.4 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

4.3CVSS5.9AI score0.00452EPSS
Exploits1References2
CVE
CVE
added 2026/04/03 12:0 a.m.17 views

CVE-2026-26477

Summary: CVE-2026-26477 affects Dokuwiki (version 2025-05-14b, Librarian). The vulnerability arises in the media_upload_xhr() function within media.php, enabling a remote attacker to cause a denial of service. Affected component: Dokuwiki media handling, specifically media.php’s media_upload_xhr(...

7.5CVSS5.9AI score0.00452EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/04/03 12:0 a.m.5 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.4AI score0.00452EPSS
Exploits1
Cvelist
Cvelist
added 2026/04/03 12:0 a.m.32 views

CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

4.3CVSS0.00452EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/17 1:18 p.m.8 views

CVE-2026-0612

The Librarian contains a information leakage vulnerability through the webfetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions ...

7.5CVSS6.8AI score0.00342EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/17 1:18 p.m.7 views

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

7.3CVSS6.9AI score0.00249EPSS
Exploits0References1
Rows per page
Query Builder