CGI abuses : DokuWiki Remote PHP Script Code Injection Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56970

Categoría: CGI abuses

Título: DokuWiki Remote PHP Script Code Injection Vulnerability

Resumen: NOSUMMARY

Descripción: Description:

The remote version of DokuWiki, according to its version
number, is vulnerable to an arbitrary code execution
vulnerability as a result of insufficient sanitization of
user-supplied input in the 'spellcheck.php' script.

Versions prior to 2006-03-09b are known to be vulnerable.

Solution : Upgrade to 2006-03-09b or later.

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: BugTraq ID: 18289
Common Vulnerability Exposure (CVE) ID: CVE-2006-2878
http://www.securityfocus.com/bid/18289
Bugtraq: 20060605 Advisory 04/2006: DokuWiki PHP code execution vulnerability in spellchecker (Google Search)
http://www.securityfocus.com/archive/1/435989/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046602.html
http://www.gentoo.org/security/en/glsa/glsa-200606-16.xml
http://www.hardened-php.net/advisory_042006.119.html
http://www.osvdb.org/25980
http://securitytracker.com/id?1016221
http://secunia.com/advisories/20429
http://secunia.com/advisories/20669
http://www.vupen.com/english/advisories/2006/2142
XForce ISS Database: dokuwiki-spellchecker-code-execution(26913)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26913

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56970
Categoría:	CGI abuses
Título:	DokuWiki Remote PHP Script Code Injection Vulnerability
Resumen:	NOSUMMARY
Descripción:	Description: The remote version of DokuWiki, according to its version number, is vulnerable to an arbitrary code execution vulnerability as a result of insufficient sanitization of user-supplied input in the 'spellcheck.php' script. Versions prior to 2006-03-09b are known to be vulnerable. Solution : Upgrade to 2006-03-09b or later. Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 18289 Common Vulnerability Exposure (CVE) ID: CVE-2006-2878 http://www.securityfocus.com/bid/18289 Bugtraq: 20060605 Advisory 04/2006: DokuWiki PHP code execution vulnerability in spellchecker (Google Search) http://www.securityfocus.com/archive/1/435989/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046602.html http://www.gentoo.org/security/en/glsa/glsa-200606-16.xml http://www.hardened-php.net/advisory_042006.119.html http://www.osvdb.org/25980 http://securitytracker.com/id?1016221 http://secunia.com/advisories/20429 http://secunia.com/advisories/20669 http://www.vupen.com/english/advisories/2006/2142 XForce ISS Database: dokuwiki-spellchecker-code-execution(26913) https://exchange.xforce.ibmcloud.com/vulnerabilities/26913
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com