Dokuwiki@2006-03-05 Security Vulnerabilities and Issues — Dokuwiki@2006-03-05 CVE List

Lucene search

DokuwikiDokuwiki2006-03-05

4 matches found

cve•added 2010/02/15 6:30 p.m.•69 views

CVE-2010-0288

A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.

7.5CVSS6.6AI score0.15608EPSS

cve•added 2010/02/15 6:30 p.m.•59 views

CVE-2010-0289

Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control rules, and other unspecified requests, via unknown...

6.8CVSS7.1AI score0.00404EPSS

cve•added 2010/02/15 6:30 p.m.•56 views

CVE-2010-0287

Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.

5CVSS6.5AI score0.08488EPSS

cve•added 2011/07/14 11:55 p.m.•45 views

CVE-2011-2510

Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link.

4.3CVSS5.4AI score0.00864EPSS