PHPDeveloper.org: Stefan Esser's Blog: DokuWiki remote PHP code injection

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

News Archive

Reddit.com:

PHPMaster.com: Openbiz Cubi: A Robust PHP Application Framework, Part 2

PHPClasses.org: 5 Reasons Why the Web Platform War is Over: PHP Won with 75% says Google

Community News: Packagist Latest Releases for 05.22.2013

Community News: Latest Releases from PHPClasses.org

PHPMaster.com: Understanding HTTP Digest Access Authentication

NetTuts.com: How to Create a PyroCMS Theme

Gonzalo Ayuso: Google App Engine, PHP and Silex. Setting up a Login Provider

Michelangelo van Dam: Survived php tek 2013

Community News: Packagist Latest Releases for 05.21.2013

Stefan Esser's Blog:
DokuWiki remote PHP code injection

by Chris Cornutt June 05, 2006 @ 06:08:12

Stefan Esser has posted this new security issue he discovered in the DokuWiki application.

While searching for the perfect Wiki PHP application for my own german/korean wiki I tested DokuWiki and found an ugly security hole, that allows remote PHP code injection through it's AJAX spellchecking service.

You can read up on his full advisory here, including the location/code of the issue.

0 comments voice your opinion now!
remote injection security advisory dokuwiki remote injection security advisory dokuwiki

blog comments powered by Disqus

Chris Shiflett\'s Blog: PHP Insecurity

PHP.net: PHP 4.4.3 Released

Project: RIPS - Static Source Code Analyzer for Vulnerabilities in PHP Scripts

CodePoets.co.uk: How to use PHP and PEAR MDB2 (Tutorial)

Community Events

Don't see your event here?
Let us know!

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework

Similar Posts