Vulnerability Details CVE-2004-2559
DokuWiki before 2004-10-19 allows remote attackers to access administrative functionality including (1) Mediaselectiondialog, (2) Recent changes, (3) feed, and (4) search, possibly due to the lack of ACL checks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://securitytracker.com/id?1011802
- http://wiki.splitbrain.org/wiki:old_changes
- http://www.osvdb.org/11005
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17799
- http://securitytracker.com/id?1011802
- http://wiki.splitbrain.org/wiki:old_changes
- http://www.osvdb.org/11005
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17799
Products affected by CVE-2004-2559
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-04
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-07
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-12
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-21
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-25
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-08
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-15a
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-22
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-12
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-25
-
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-30