CVE-2004-2559 — Gohr Dokuwiki vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.7%

top 27.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Andreas Gohr Dokuwiki Debian Dokuwiki

Timeline

PublishedDec 31

Latest updateApr 29

Description

DokuWiki before 2004-10-19 allows remote attackers to access administrative functionality including (1) Mediaselectiondialog, (2) Recent changes, (3) feed, and (4) search, possibly due to the lack of ACL checks.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶debiandebian/dokuwiki

▶NVDandreas_gohr/dokuwiki11 versions+10

Patches

Patch: securitytracker.com ↗Patch: securitytracker.com ↗

🔴Vulnerability Details

GHSA

GHSA-j2vj-gfj2-r9pm: DokuWiki before 2004-10-19 allows remote attackers to access administrative functionality including (1) Mediaselectiondialog, (2) Recent changes, (3)↗2022-04-29

▶

📋Vendor Advisories

Debian

CVE-2004-2559: dokuwiki - DokuWiki before 2004-10-19 allows remote attackers to access administrative func...↗2004

▶