Shodan
Vulnerabilities
Vulnerable Software
Dokuwiki:  >> Dokuwiki  >> 2005-02-06  Security Vulnerabilities
CVE-2014-8762
The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter.
CVSS Score
5.0
EPSS Score
0.006
Published
2014-10-22
CVE-2014-8763
DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a password starting with a null (\0) character and a valid user name, which triggers an unauthenticated bind.
CVSS Score
5.0
EPSS Score
0.011
Published
2014-10-22
CVE-2014-8764
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.
CVSS Score
5.0
EPSS Score
0.012
Published
2014-10-22
CVE-2011-2510
Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link.
CVSS Score
4.3
EPSS Score
0.009
Published
2011-07-14
CVE-2010-0287
Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.
CVSS Score
5.0
EPSS Score
0.085
Published
2010-02-15
CVE-2010-0288
A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.
CVSS Score
7.5
EPSS Score
0.156
Published
2010-02-15
CVE-2010-0289
Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control rules, and other unspecified requests, via unknown vectors.
CVSS Score
6.8
EPSS Score
0.004
Published
2010-02-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved