CVE-2006-2878
Published Jun 7, 2006
Last updated 6 years ago
Overview
- Description
- The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with the /e (executable) modifier.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89666BD0-A3FB-463F-B905-9B7D69E61187",
"versionEndIncluding": "release_2006-06-04"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7FFB3CD9-5B04-4200-87CF-F1B65902D0B0"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-07:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84F5F7BA-00EF-4ACB-A8BA-0CD06A9ABB44"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63EDDA58-22F6-456A-986D-6A58FD818F5D"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C907D889-8DD7-4542-A74E-C318271E5812"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46E98CDA-E813-427A-944A-2A768F075021"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-08:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E589DA1C-7428-48A3-A115-3168F99584E6"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-15a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B197CF8-3729-414F-8BAA-BC709DEAA140"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5470BA9-F1F1-484B-B4D2-328D98483D55"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43D11132-69EC-40DD-9D62-CC2B7DF7C344"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDCFDB3E-AB07-4E4C-A065-617A39505EB9"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4A4E1DB-705A-4FD8-913B-D43C4E9117A3"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-10-19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBFD529E-86A6-43A0-AF97-ADD7C8C2BAFC"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-11-01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A2330E8-22BA-45AD-841B-4230CEED6A20"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-11-02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DD67EB1-A54F-44CC-ACE6-3D5ADA3F473F"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-11-10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47324B2B-AA17-4714-9DFC-FC5C0CF9D452"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-01-14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A14882F1-2073-4DF4-8ECD-D4B9C39EAA03"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-01-15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6FE154F-A880-4053-AA65-C02DD9AA1BC5"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-01-16a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "151742B9-2357-4A12-B839-09ADDF30E61F"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-02-06:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0296920B-64B6-4492-8B54-D11F8CFA7F58"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-02-18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9E00178-D993-479A-BBC8-8AD9BDF69129"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-05-07:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BFB944D-FA24-4B9C-8543-656CFDB6163A"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-07-01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11872728-EE8D-4E4B-9E2F-C658905B5045"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-07-13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56F542C2-7808-42AD-9A20-85BBBFD27DFF"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-09-19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4277D9B-E1FF-4285-A766-993B1C38CB42"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-09-22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6A781BA-0949-456E-A529-9CA157CD3F33"
},
{
"criteria": "cpe:2.3:a:andreas_gohr:dokuwiki:release_2006-03-05:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "246EE1AA-8C74-48F7-8E7D-9668933C7D3B"
}
],
"operator": "OR"
}
]
}
]