Total vulnerabilities in the database
The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs.
Software | From | Fixed in |
---|---|---|
dokuwiki / dokuwiki | - | 2017-02-19e.x |
debian / debian_linux | 7.0 | 7.0.x |