VYPR
Unrated severityNVD Advisory· Published Jan 29, 2007· Updated Jun 16, 2026

CVE-2006-6965

CVE-2006-6965

Description

CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Dokuwiki/Dokuwiki3 versions
    cpe:2.3:a:andreas_gohr:dokuwiki:release_2006-03-09:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2006-03-09:*:*:*:*:*:*:*
    • cpe:2.3:a:andreas_gohr:dokuwiki:release_2006-03-09e:*:*:*:*:*:*:*
    • (no CPE)range: <= 2006-03-09e

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.