Approved changes feed: RSS · Atom

cpe:2.3:a:andreas_gohr:dokuwiki:release_2006-03-09:*:*:*:*:*:*:*

part: a version: release_2006-03-09 update: *

VendorAndreas Gohr (a4658386-3843-5995-b060-5bea819353f1)
ProductDokuwiki (9c540088-be0d-55e8-acc6-feb8e635a857)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/dokuwiki purl2cpe 2026-06-01 10:15:23.969288
pkg:deb/ubuntu/dokuwiki purl2cpe 2026-06-01 10:15:23.969290
pkg:github/splitbrain/dokuwiki purl2cpe 2026-06-01 10:15:23.969291
pkg:rpm/fedora/dokuwiki purl2cpe 2026-06-01 10:15:23.969293
pkg:rpm/opensuse/dokuwiki purl2cpe 2026-06-01 10:15:23.969294

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2006-6965 vulnerable 2026-06-08 04:49:30.073838 Details available
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks.
Published: 2007-01-29T17:00:00.000Z
Updated: 2024-08-07T20:50:06.384Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-5099 vulnerable 2026-06-08 04:49:19.671504 Details available
lib/exec/fetch.php in DokuWiki before 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert.
Published: 2006-09-29T23:00:00.000Z
Updated: 2024-08-07T19:41:05.138Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-5098 vulnerable 2026-06-08 04:49:19.670507 Details available
lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote attackers to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.
Published: 2006-09-29T23:00:00.000Z
Updated: 2024-08-07T19:41:04.454Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.