Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2004-2560

DokuWiki before 2004-10-19, when used on a web server that permits execution based on file extension, allows remote attackers to execute arbitrary code by uploading a file with an appropriate extension such as ".php" or ".cgi".

  • Published: Dec 31, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-2560
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
andreas_gohr / dokuwiki release_2004-07-07 release_2004-07-07.x
andreas_gohr / dokuwiki release_2004-08-08 release_2004-08-08.x
andreas_gohr / dokuwiki release_2004-09-12 release_2004-09-12.x
andreas_gohr / dokuwiki release_2004-07-25 release_2004-07-25.x
andreas_gohr / dokuwiki release_2004-08-22 release_2004-08-22.x
andreas_gohr / dokuwiki release_2004-09-25 release_2004-09-25.x
andreas_gohr / dokuwiki release_2004-07-04 release_2004-07-04.x
andreas_gohr / dokuwiki release_2004-07-21 release_2004-07-21.x
andreas_gohr / dokuwiki release_2004-09-30 release_2004-09-30.x
andreas_gohr / dokuwiki release_2004-08-15a release_2004-08-15a.x
andreas_gohr / dokuwiki release_2004-07-12 release_2004-07-12.x