CVE-2014-8761

Published: Oct 22, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

61983

third-party-advisory

x_refsource_SECUNIA

http://advisories.mageia.org/MGASA-2014-0438.html

x_refsource_CONFIRM

https://github.com/splitbrain/dokuwiki/issues/765

x_refsource_CONFIRM

[oss-security] 20141013 CVE request: various security flaws in dokuwiki

mailing-list

x_refsource_MLIST

[oss-security] 20141016 Re: CVE request: various security flaws in dokuwiki

mailing-list

x_refsource_MLIST

DSA-3059

vendor-advisory

x_refsource_DEBIAN

https://bugs.dokuwiki.org/index.php?do=details&task_id=2647#comment6204

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-8761

Description

Affected Products

References