Unrated severityNVD Advisory· Published Nov 20, 2012· Updated Apr 29, 2026

CVE-2012-3354

Description

doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote attackers to obtain sensitive information via the prefix parameter, which reveals the installation path in an error message.

Affected products

Dokuwiki/Dokuwiki
cpe:2.3:a:dokuwiki:dokuwiki:-:*:*:*:*:*:*:*
Fedoraproject/Fedora3 versions
cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.fedoraproject.org/pipermail/package-announce/2012-October/090755.htmlnvd
lists.fedoraproject.org/pipermail/package-announce/2012-October/090899.htmlnvd
lists.fedoraproject.org/pipermail/package-announce/2012-October/090938.htmlnvd
www.freelists.org/post/dokuwiki/Fwd-DokuWiki-Full-path-disclosurenvd
www.mandriva.com/security/advisoriesnvd
www.openwall.com/lists/oss-security/2012/06/24/2nvd
www.openwall.com/lists/oss-security/2012/06/25/2nvd
bugzilla.redhat.com/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000