VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 11, 2006· Updated Jun 16, 2026

CVE-2006-4674

CVE-2006-4674

Description

Direct static code injection vulnerability in doku.php in DokuWiki before 2006-030-09c allows remote attackers to execute arbitrary PHP code via the X-FORWARDED-FOR HTTP header, which is stored in config.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

28
  • Dokuwiki/Dokuwiki28 versions
    cpe:2.3:a:andreas_gohr:dokuwiki:*:*:*:*:*:*:*:*+ 27 more
    • cpe:2.3:a:andreas_gohr:dokuwiki:*:*:*:*:*:*:*:*range: <=release_2006-03-09
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-04:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-07:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-12:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-21:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-07-25:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-08:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-15a:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-08-22:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-12:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-25:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-09-30:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-10-19:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-11-01:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-11-02:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2004-11-10:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-01-14:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-01-15:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-01-16a:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-02-06:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-02-18:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-05-07:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-07-01:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-07-13:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-09-19:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2005-09-22:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2006-03-05:*:*:*:*:*:*:*
    • (no CPE)range: < 2006-03-09c

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.