CVE-2006-2945 — Dokuwiki vulnerability

4 documents4 sources

Severity

4.0MEDIUMNVD

EPSS

0.3%

top 48.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dokuwiki Debian Dokuwiki Andreas Gohr Dokuwiki

Timeline

PublishedJun 12

Latest updateMay 1

Description

Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated users to read unauthorized files via unknown attack vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/dokuwiki< dokuwiki 0.0.20060309-4 (bookworm)

▶Debiandokuwiki/dokuwiki< 0.0.20060309-4+3

▶NVDandreas_gohr/dokuwikirelease_2006-03-09+26

Patches

Patch: bugs.splitbrain.org ↗Patch: secunia.com ↗Patch: bugs.splitbrain.org ↗

🔴Vulnerability Details

GHSA

GHSA-qxv2-58jf-jpc7: Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated use↗2022-05-01

▶

OSV

CVE-2006-2945: Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated use↗2006-06-12

▶

📋Vendor Advisories

Debian

CVE-2006-2945: dokuwiki - Unspecified vulnerability in the user profile change functionality in DokuWiki, ...↗2006

▶