FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-09-28 16:19:23 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
4f838b74-50a1-11de-b01f-001c2514716c	dokuwiki -- Local File Inclusion with register_globals on DokuWiki reports: A security hole was discovered which allows an attacker to include arbitrary files located on the attacked DokuWiki installation. The included file is executed in the PHP context. This can be escalated by introducing malicious code through uploading file via the media manager or placing PHP code in editable pages. Discovery 2009-05-26 Entry 2009-06-04 Modified 2010-05-02 dokuwiki < 20090214_2 dokuwiki-devel > 0 CVE-2009-1960 http://bugs.splitbrain.org/index.php?do=details&task_id=1700
cddde37a-39b5-11dc-b3da-001921ab2fa4	dokuwiki -- XSS vulnerability in spellchecker backend DokuWiki reports: The spellchecker tests the UTF-8 capabilities of the used browser by sending an UTF-8 string to the backend, which will send it back unfiltered. By comparing string length the spellchecker can work around broken implementations. An attacker could construct a form to let users send JavaScript to the spellchecker backend, resulting in malicious JavaScript being executed in their browser. Affected are all versions up to and including 2007-06-26 even when the spell checker is disabled. Discovery 2007-06-26 Entry 2007-07-24 dokuwiki < 20070626_1 dokuwiki-devel < 20070524_1 http://xforce.iss.net/xforce/xfdb/35501 CVE-2007-3930

VuXML ID

Description

4f838b74-50a1-11de-b01f-001c2514716c

dokuwiki -- Local File Inclusion with register_globals on

DokuWiki reports:

A security hole was discovered which allows an attacker to include arbitrary files located on the attacked DokuWiki installation. The included file is executed in the PHP context. This can be escalated by introducing malicious code through uploading file via the media manager or placing PHP code in editable pages.

Discovery 2009-05-26
Entry 2009-06-04
Modified 2010-05-02
dokuwiki

< 20090214_2

dokuwiki-devel

> 0

CVE-2009-1960
http://bugs.splitbrain.org/index.php?do=details&task_id=1700

cddde37a-39b5-11dc-b3da-001921ab2fa4

dokuwiki -- XSS vulnerability in spellchecker backend

DokuWiki reports:

The spellchecker tests the UTF-8 capabilities of the used browser by sending an UTF-8 string to the backend, which will send it back unfiltered. By comparing string length the spellchecker can work around broken implementations. An attacker could construct a form to let users send JavaScript to the spellchecker backend, resulting in malicious JavaScript being executed in their browser.

Affected are all versions up to and including 2007-06-26 even when the spell checker is disabled.

Discovery 2007-06-26
Entry 2007-07-24
dokuwiki

< 20070626_1

dokuwiki-devel

< 20070524_1

http://xforce.iss.net/xforce/xfdb/35501
CVE-2007-3930