VDB

GCVE-110-MAGEIA-2015-93

GCVE-110-MAGEIA-2015-93
Advisory Published
Vulnetix · Advisory published March 5, 2015
Updated dokuwiki package fixes security vulnerability: DokuWiki before 20140929c has a security issue in the ACL plugins remote API component. The plugin failed to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also had permissions to set up their own ACL rules and thus circumventing any existing rules (CVE-2015-2172).

Affected Products

VendorProductVersionsPlatforms
Mageiaipython0 (affected), 2.3.0-1.1.mga4 (unaffected)
Mageiadokuwiki0 (affected), 0 (affected), 20140929-1.3.mga4 (unaffected), 20140929-1.3.mga4 (unaffected)

Browse GCVE Records

73,196 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›