VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Feb 15, 2010· Updated Apr 29, 2026

CVE-2010-0288

CVE-2010-0288

Description

A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the wild in January 2010.

Affected products

29
  • Dokuwiki/Dokuwiki29 versions
    cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:*+ 28 more
    • cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:*range: <=release_2009-02-14
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-07-04:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-07-07:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-07-12:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-07-21:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-07-25:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-08-08:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-08-15a:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-08-22:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-09-12:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-09-25:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-09-30:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-11-01:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-11-02:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2004-11-10:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-01-14:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-01-15:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-01-16a:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-02-06:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-02-18:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-05-07:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-07-01:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-07-13:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-09-19:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2005-09-22:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2006-03-05:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2006-03-09:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2006-03-09e:*:*:*:*:*:*:*
    • cpe:2.3:a:dokuwiki:dokuwiki:2006-06-04:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

12

News mentions

0

No linked articles in our index yet.