Vulnerabilities > Andreas Gohr > Dokuwiki > release.2006.03.09e
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-29 | CVE-2006-5099 | Remote Security vulnerability in Andreas Gohr Dokuwiki Release20060305/Release20060309/Release20060309E lib/exec/fetch.php in DokuWiki before 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert. | 7.5 |
2006-09-29 | CVE-2006-5098 | Denial-Of-Service vulnerability in Andreas Gohr Dokuwiki Release20060305/Release20060309/Release20060309E lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote attackers to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image. | 5.0 |