Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2010-0288
HistoryFeb 15, 2010 - 6:30 p.m.

CVE-2010-0288

2010-02-1518:30:00
CWE-264
redhat
web.nvd.nist.gov
52
typo
acl manager
plugin
remote attackers
privileges
nvd
cve-2010-0288

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.015

Percentile

86.9%

JSON

A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.

Affected configurations

Nvd
Node
dokuwikidokuwikiRangerelease_2009-02-14
OR
dokuwikidokuwikiMatch2004-07-04
OR
dokuwikidokuwikiMatch2004-07-07
OR
dokuwikidokuwikiMatch2004-07-12
OR
dokuwikidokuwikiMatch2004-07-21
OR
dokuwikidokuwikiMatch2004-07-25
OR
dokuwikidokuwikiMatch2004-08-08
OR
dokuwikidokuwikiMatch2004-08-15a
OR
dokuwikidokuwikiMatch2004-08-22
OR
dokuwikidokuwikiMatch2004-09-12
OR
dokuwikidokuwikiMatch2004-09-25
OR
dokuwikidokuwikiMatch2004-09-30
OR
dokuwikidokuwikiMatch2004-11-01
OR
dokuwikidokuwikiMatch2004-11-02
OR
dokuwikidokuwikiMatch2004-11-10
OR
dokuwikidokuwikiMatch2005-01-14
OR
dokuwikidokuwikiMatch2005-01-15
OR
dokuwikidokuwikiMatch2005-01-16a
OR
dokuwikidokuwikiMatch2005-02-06
OR
dokuwikidokuwikiMatch2005-02-18
OR
dokuwikidokuwikiMatch2005-05-07
OR
dokuwikidokuwikiMatch2005-07-01
OR
dokuwikidokuwikiMatch2005-07-13
OR
dokuwikidokuwikiMatch2005-09-19
OR
dokuwikidokuwikiMatch2005-09-22
OR
dokuwikidokuwikiMatch2006-03-05
OR
dokuwikidokuwikiMatch2006-03-09
OR
dokuwikidokuwikiMatch2006-03-09e
OR
dokuwikidokuwikiMatch2006-06-04
VendorProductVersionCPE
dokuwikidokuwiki*cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:*
dokuwikidokuwiki2004-07-04cpe:2.3:a:dokuwiki:dokuwiki:2004-07-04:*:*:*:*:*:*:*
dokuwikidokuwiki2004-07-07cpe:2.3:a:dokuwiki:dokuwiki:2004-07-07:*:*:*:*:*:*:*
dokuwikidokuwiki2004-07-12cpe:2.3:a:dokuwiki:dokuwiki:2004-07-12:*:*:*:*:*:*:*
dokuwikidokuwiki2004-07-21cpe:2.3:a:dokuwiki:dokuwiki:2004-07-21:*:*:*:*:*:*:*
dokuwikidokuwiki2004-07-25cpe:2.3:a:dokuwiki:dokuwiki:2004-07-25:*:*:*:*:*:*:*
dokuwikidokuwiki2004-08-08cpe:2.3:a:dokuwiki:dokuwiki:2004-08-08:*:*:*:*:*:*:*
dokuwikidokuwiki2004-08-15acpe:2.3:a:dokuwiki:dokuwiki:2004-08-15a:*:*:*:*:*:*:*
dokuwikidokuwiki2004-08-22cpe:2.3:a:dokuwiki:dokuwiki:2004-08-22:*:*:*:*:*:*:*
dokuwikidokuwiki2004-09-12cpe:2.3:a:dokuwiki:dokuwiki:2004-09-12:*:*:*:*:*:*:*
Rows per page:
1-10 of 291

Related

cvelist 1
debiancve 1
nessus 6
prion 1
ubuntucve 1
nvd 1
exploitdb 1
freebsd 1
securityvulns 2
openvas 8
debian 3
osv 1
gentoo 1
cvelist
cvelist
CVE-2010-0288
2010-02-15 18:00:00
debiancve
debiancve
CVE-2010-0288
2010-02-15 18:30:00
nessus
nessus
DokuWiki ajax.php cmd[del] Parameter Security Bypass
2010-01-19 00:00:00
FreeBSD : dokuwiki -- multiple vulnerabilities (848539dc-0458-11df-8dd7-002170daae37)
2010-01-19 00:00:00
Debian DSA-1976-1 : dokuwiki - several vulnerabilities
2010-02-24 00:00:00
prion
prion
Code injection
2010-02-15 18:30:00
ubuntucve
ubuntucve
CVE-2010-0288
2010-02-15 00:00:00
nvd
nvd
CVE-2010-0288
2010-02-15 18:30:00
exploitdb
exploitdb
dokuwiki 2009-12-25 - Multiple Vulnerabilities
2010-01-14 00:00:00
freebsd
freebsd
dokuwiki -- multiple vulnerabilities
2010-01-17 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities
2010-01-23 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2010-01-23 00:00:00
openvas
openvas
FreeBSD Ports: dokuwiki
2010-02-10 00:00:00
Fedora Update for dokuwiki FEDORA-2010-0770
2010-03-02 00:00:00
Fedora Update for dokuwiki FEDORA-2010-0770
2010-03-02 00:00:00
debian
debian
[Backports-security-announce] Security Update for dokuwiki
2010-02-04 19:59:59
[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities
2010-01-22 16:11:52
[Backports-security-announce] Security Update for dokuwiki
2010-02-04 20:00:25
osv
osv
dokuwiki - several vulnerabilities
2010-01-22 00:00:00
gentoo
gentoo
DokuWiki: Multiple vulnerabilities
2013-01-09 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.015

Percentile

86.9%

JSON
Related for CVE-2010-0288
cvelist1debiancve1nessus6prion1ubuntucve1nvd1exploitdb1freebsd1securityvulns2openvas8debian3osv1gentoo1