Vulnerabilities > Andreas Gohr > Dokuwiki > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-09-29 | CVE-2006-5099 | Remote Security vulnerability in Andreas Gohr Dokuwiki Release20060305/Release20060309/Release20060309E lib/exec/fetch.php in DokuWiki before 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert. | 7.5 |
| 2006-09-11 | CVE-2006-4675 | File-Upload vulnerability in Dokuwiki Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors. | 7.5 |
| 2006-09-11 | CVE-2006-4674 | Unspecified vulnerability in Andreas Gohr Dokuwiki Direct static code injection vulnerability in doku.php in DokuWiki before 2006-030-09c allows remote attackers to execute arbitrary PHP code via the X-FORWARDED-FOR HTTP header, which is stored in config.php. | 7.5 |
| 2006-06-07 | CVE-2006-2878 | Remote PHP Script Code Injection vulnerability in DokuWiki The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with the /e (executable) modifier. | 7.5 |
| 2004-12-31 | CVE-2004-2560 | Remote Arbitrary File Upload vulnerability in DokuWiki DokuWiki before 2004-10-19, when used on a web server that permits execution based on file extension, allows remote attackers to execute arbitrary code by uploading a file with an appropriate extension such as ".php" or ".cgi". | 7.5 |
| 2004-12-31 | CVE-2004-2559 | Denial-Of-Service vulnerability in Dokuwiki DokuWiki before 2004-10-19 allows remote attackers to access administrative functionality including (1) Mediaselectiondialog, (2) Recent changes, (3) feed, and (4) search, possibly due to the lack of ACL checks. | 7.5 |