|Date: (C)2018-02-06 (M)2018-02-15|| |
The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs.
|CVSS Score: 6.8||Access Vector: |
|Exploit Score: ||Access Complexity: |
|Impact Score: ||Authentication: |
| ||Confidentiality: |
| ||Integrity: |
| ||Availability: |