Unrated severityNVD Advisory· Published Jun 8, 2009· Updated Jun 16, 2026
CVE-2009-1960
CVE-2009-1960
Description
inc/init.php in DokuWiki 2009-02-14, rc2009-02-06, and rc2009-01-30, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the config_cascade[main][default][] parameter to doku.php. NOTE: PHP remote file inclusion is also possible in PHP 5 using ftp:// URLs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: 2009-02-14, rc2009-02-06, rc2009-01-30
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.