VYPR
Unrated severityNVD Advisory· Published Dec 17, 2014· Updated Jun 17, 2026

CVE-2014-9253

CVE-2014-9253

Description

The default file type whitelist configuration in conf/mime.conf in the Media Manager in DokuWiki before 2014-09-29b allows remote attackers to execute arbitrary web script or HTML by uploading an SWF file, then accessing it via the media parameter to lib/exe/fetch.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Dokuwiki/Dokuwiki2 versions
    cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:*range: <=2014-05-05c
    • (no CPE)range: <2014-09-29b
  • cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.