Lucene search
RedhatCVELIST:CVE-2012-2128HistoryAug 27, 2012 - 12:00 a.m.
CVE-2012-2128
2012-08-2700:00:00
redhat
www.cve.org
2
Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is resultant from CVE-2012-2129: “the exploit code simply uses the XSS hole to extract a valid CSRF token.”
References
bugs.dokuwiki.org/index.php?do=details&task_id=2488
ircrash.com/uploads/dokuwiki.txt
seclists.org/bugtraq/2012/Apr/121
secunia.com/advisories/48848
www.openwall.com/lists/oss-security/2012/04/22/4
www.openwall.com/lists/oss-security/2012/04/23/1
www.securityfocus.com/bid/53041
bugzilla.redhat.com/show_bug.cgi?id=815122
exchange.xforce.ibmcloud.com/vulnerabilities/74907
Related
nessus
nessus
Fedora 16 : dokuwiki-0-0.10.20110525.a.fc16 (2012-6628)
2012-05-29 00:00:00
Fedora 15 : dokuwiki-0-0.10.20110525.a.fc15 (2012-6630)
2012-06-12 00:00:00
openvas
openvas
Fedora Update for dokuwiki FEDORA-2012-6588
2012-08-30 00:00:00
Fedora Update for dokuwiki FEDORA-2012-6630
2012-06-15 00:00:00
Fedora Update for dokuwiki FEDORA-2012-6588
2012-08-30 00:00:00
prion
prion
Cross site request forgery (csrf)
2012-08-27 21:55:00
Cross site scripting
2012-08-27 21:55:00
fedora
fedora
[SECURITY] Fedora 17 Update: dokuwiki-0-0.11.20110525.a.fc17
2012-05-02 20:50:20
[SECURITY] Fedora 16 Update: dokuwiki-0-0.10.20110525.a.fc16
2012-05-27 01:51:42
[SECURITY] Fedora 15 Update: dokuwiki-0-0.10.20110525.a.fc15
2012-06-12 00:27:02
nvd
nvd
CVE-2012-2128
2012-08-27 21:55:01
CVE-2012-2129
2012-08-27 21:55:01
ubuntucve
ubuntucve
CVE-2012-2128
2012-08-27 00:00:00
CVE-2012-2129
2012-08-27 00:00:00
freebsd
freebsd
Dokuwiki -- cross site scripting vulnerability
2012-04-17 00:00:00
debiancve
debiancve
CVE-2012-2128
2012-08-27 21:55:01
CVE-2012-2129
2012-08-27 21:55:01
cve
cve
CVE-2012-2128
2012-08-27 21:55:01
CVE-2012-2129
2012-08-27 21:55:01
cvelist
cvelist
CVE-2012-2129
2012-08-27 21:00:00