Summary
The host is running DokuWiki and is prone to information disclosure vulnerability.
Impact
Successful exploitation will allow attacker to gain sensitive information.
Impact Level: Application
Solution
Upgrade to DokuWiki version dokuwiki-20121013 or later.
For updates refer to http://www.splitbrain.org/projects/dokuwiki
Insight
The flaw is due to error in certain '.php' files. A direct request to these files reveals the installation path in an error message.
Affected
DokuWiki version 2009-12-25c.
References
Severity
Classification
-
CVE CVE-2011-3727 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- Admidio get_file.php Remote File Disclosure Vulnerability
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Apache Web Server ETag Header Information Disclosure Weakness
- 12Planet Chat Server one2planet.infolet.InfoServlet XSS