Download
| Alert*
oval:org.secpod.oval:def:108553
dokuwiki is installed oval:org.secpod.oval:def:601816 Two vulnerabilities have been discovered in dokuwiki. Access control in the media manager was insufficiently restricted and authentication could be bypassed when using Active Directory for LDAP authentication. oval:org.secpod.oval:def:108559 DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no databas ... oval:org.secpod.oval:def:108552 DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no databas ... oval:org.secpod.oval:def:702267 dokuwiki is installed oval:org.secpod.oval:def:115070 DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It has a simple but powerful syntax which makes sure the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no databa ... oval:org.secpod.oval:def:115116 DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It has a simple but powerful syntax which makes sure the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no databa ... oval:org.secpod.oval:def:1900299 The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19edoes not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs. oval:org.secpod.oval:def:1900229 DokuWiki through 2017-02-19b has XSS in the at parameter to doku.php. oval:org.secpod.oval:def:1901210 DokuWiki through 2017-02-19c has stored XSS when rendering a malicious RSS or Atom feed, in /inc/parser/xhtml.php. An attacker can create or edit a wiki that uses RSS or Atom data from an attacker-controlled server to trigger JavaScript execution. The JavaScript can be in an author field, as demonst ... oval:org.secpod.oval:def:1901300 DokuWiki through 2017-02-19c has stored XSS when rendering a malicious language name in a code element, in /inc/parser/xhtml.php. An attacker can create or edit a wiki with this element to trigger JavaScript execution. |