CVE-2006-4675 — Unrestricted File Upload in Dokuwiki

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

1.4%

top 19.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dokuwiki Debian Dokuwiki Andreas Gohr Dokuwiki

Timeline

PublishedSep 11

Latest updateMay 1

Description

Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/dokuwiki< dokuwiki 0.0.20060309-5.1 (bookworm)

▶Debiandokuwiki/dokuwiki< 0.0.20060309-5.1+3

▶NVDandreas_gohr/dokuwikirelease_2006-03-09+26

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-h835-m7hg-6vqh: Unrestricted file upload vulnerability in lib/exe/media↗2022-05-01

▶

OSV

CVE-2006-4675: Unrestricted file upload vulnerability in lib/exe/media↗2006-09-11

▶

📋Vendor Advisories

Debian

CVE-2006-4675: dokuwiki - Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2...↗2006

▶