Summary
DokuWiki is prone to an information-disclosure vulnerability and to multiple security-bypass vulnerabilities.
Exploiting this issues may allow attackers to determine whether certain files reside on the affected computer. Information obtained may lead to further attacks. Unauthenticated attackers can leverage these issues to change or delete wiki permissions.
This issue affects DokuWiki 2009-12-25
other versions may be
vulnerable as well.
Solution
Reports indicate that updates are available, but Symantec has not confirmed this information. Please see the references and contact the vendor for details.
References
Severity
Classification
-
CVE CVE-2010-0287 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
- Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
- Apache Tomcat Login Constraints Security Bypass Vulnerability
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- AdaptCMS 'init.php' Remote File Include Vulnerability