Описание
DokuWiki before 2004-10-19, when used on a web server that permits execution based on file extension, allows remote attackers to execute arbitrary code by uploading a file with an appropriate extension such as ".php" or ".cgi".
Ссылки
- Patch
- Patch
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-04:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-07:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-12:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-21:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-25:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-08:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-15a:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-22:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-12:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-25:*:*:*:*:*:*:*
cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-30:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02393
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 20 лет назад
DokuWiki before 2004-10-19, when used on a web server that permits exe ...
github
больше 3 лет назад
DokuWiki before 2004-10-19, when used on a web server that permits execution based on file extension, allows remote attackers to execute arbitrary code by uploading a file with an appropriate extension such as ".php" or ".cgi".
EPSS
Процентиль: 84%
0.02393
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other