CVE-2006-2878

Published: Jun 7, 2006Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with the /e (executable) modifier.

Affected (27)

Products: Andreas Gohr: Dokuwiki

Andreas Gohr

1 product

Dokuwiki

Configuration A

27 vulnerable

Vulnerable Software	Affected Versions
Andreas Gohr Dokuwiki	Up to release_2006-06-04
Andreas Gohr Dokuwiki	Version release_2004-07-04
Andreas Gohr Dokuwiki	Version release_2004-07-07
Andreas Gohr Dokuwiki	Version release_2004-07-12
Andreas Gohr Dokuwiki	Version release_2004-07-21
Andreas Gohr Dokuwiki	Version release_2004-07-25
Andreas Gohr Dokuwiki	Version release_2004-08-08
Andreas Gohr Dokuwiki	Version release_2004-08-15a
Andreas Gohr Dokuwiki	Version release_2004-08-22
Andreas Gohr Dokuwiki	Version release_2004-09-12
Andreas Gohr Dokuwiki	Version release_2004-09-25
Andreas Gohr Dokuwiki	Version release_2004-09-30
Andreas Gohr Dokuwiki	Version release_2004-10-19
Andreas Gohr Dokuwiki	Version release_2004-11-01
Andreas Gohr Dokuwiki	Version release_2004-11-02
Andreas Gohr Dokuwiki	Version release_2004-11-10
Andreas Gohr Dokuwiki	Version release_2005-01-14
Andreas Gohr Dokuwiki	Version release_2005-01-15
Andreas Gohr Dokuwiki	Version release_2005-01-16a
Andreas Gohr Dokuwiki	Version release_2005-02-06
Andreas Gohr Dokuwiki	Version release_2005-02-18
Andreas Gohr Dokuwiki	Version release_2005-05-07
Andreas Gohr Dokuwiki	Version release_2005-07-01
Andreas Gohr Dokuwiki	Version release_2005-07-13
Andreas Gohr Dokuwiki	Version release_2005-09-19
Andreas Gohr Dokuwiki	Version release_2005-09-22
Andreas Gohr Dokuwiki	Version release_2006-03-05