News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Stefan Esser's Blog:
DokuWiki remote PHP code injection
June 05, 2006 @ 06:08:12

Stefan Esser has posted this new security issue he discovered in the DokuWiki application.

While searching for the perfect Wiki PHP application for my own german/korean wiki I tested DokuWiki and found an ugly security hole, that allows remote PHP code injection through it's AJAX spellchecking service.

You can read up on his full advisory here, including the location/code of the issue.

0 comments voice your opinion now!
remote injection security advisory dokuwiki remote injection security advisory dokuwiki


blog comments powered by Disqus

Similar Posts

International PHP Magazine: IPM Poll Question: The Most Common PHP Security Mistake Is?

Fabien Potencier's Blog: Create your own framework... on top of the Symfony2 Components (part 12)

Dan Horrigan's Blog: Security in FuelPHP

Sanisoft Blog: Email component in CakePHP is now Header Injection safe

Kevin Schroeder's Blog: My first stab at the Dependency Injection Container in Zend Framework 2


Community Events





Don't see your event here?
Let us know!


threedevsandamaybe release wordpress code configure api application series list introduction interview laravel unittest developer install library podcast community testing language

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework