Lucene search
K

589 matches found

OSV
OSV
added 2010/02/15 6:30 p.m.5 views

UBUNTU-CVE-2010-0288

A typo in the administrator permission check in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010...

7.5CVSS5.8AI score0.10546EPSS
Exploits0References3
OSV
OSV
added 2010/02/15 6:30 p.m.1 views

DEBIAN-CVE-2010-0288

A typo in the administrator permission check in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010...

7.5CVSS6.8AI score0.10546EPSS
Exploits0References1
OSV
OSV
added 2010/02/15 6:30 p.m.3 views

DEBIAN-CVE-2010-0287

Directory traversal vulnerability in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. dot dot in the ns parameter...

5CVSS6.6AI score0.10612EPSS
Exploits0References1
OSV
OSV
added 2010/02/15 6:30 p.m.3 views

UBUNTU-CVE-2010-0287

Directory traversal vulnerability in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. dot dot in the ns parameter...

5CVSS5.9AI score0.10612EPSS
Exploits0References3
OSV
OSV
added 2010/02/15 6:30 p.m.2 views

DEBIAN-CVE-2010-0289

Multiple cross-site request forgery CSRF vulnerabilities in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control rules, and other unspecified requests, via unknown...

6.8CVSS7AI score0.0177EPSS
Exploits0References1
Cvelist
Cvelist
added 2010/02/15 6:0 p.m.30 views

CVE-2010-0289

Multiple cross-site request forgery CSRF vulnerabilities in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control rules, and other unspecified requests, via unknown...

7AI score0.0177EPSS
Exploits0References9
CVE
CVE
added 2010/02/15 6:0 p.m.72 views

CVE-2010-0289

CVE-2010-0289 stems from CSRF flaws in DokuWiki’s ACL Manager plugin (plugins/acl/ajax.php). The vulnerabilities can allow an attacker to hijack an administrator’s session and modify access-control rules via unspecified vectors. Public details point to multiple CVEs in DokuWiki and advise upgradi...

6.8CVSS7.1AI score0.0177EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2010/02/15 6:0 p.m.69 views

CVE-2010-0287

Summary (CVE-2010-0287): A directory-traversal in DokuWiki’s ACL Manager plugin (plugins/acl/ajax.php) allows remote listing of arbitrary directories via a .. in the ns parameter. Affected: DokuWiki prior to the 2009-12-25b release. CVSS-like context from OpenVAS lists base 7.5 (vector AV:N/AC:L/...

5CVSS6.5AI score0.10612EPSS
Exploits0References11Affected Software1
securityvulns
securityvulns
added 2010/01/23 12:0 a.m.146 views

[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1976-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 22, 2010 http://www.debian.org/security/faq -...

7.5CVSS0.10612EPSS
Exploits0
Rows per page
Query Builder