Published on 2006-06-05 23:27:15

Stefan Esser has found a critical security issue in DokuWiki. The bug allows remote PHP code injection through its AJAX spellchecking service. It is caused by the /e modifier of preg_replace() in the code that handles links embedded in the text and translates them in an unsafe way; with /e, the substituted replacement string is passed to eval(), so user-controlled link text ends up inside evaluated PHP. Stefan has posted an advisory with details about the bug and a recommendation to upgrade.
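The preg_replace() /e pattern the advisory refers to, shown beside the preg_replace_callback() form that replaces it. This is an added illustration written for this post, not DokuWiki's own code; the [[target|label]] link syntax and the function names are assumed.

```php
<?php
// Added illustration (not DokuWiki's code): a link-rewriting step written two ways.
// Assumed input format: [[target|label]] is turned into an HTML anchor.

// Unsafe: with the /e modifier, preg_replace() substitutes the back-references
// into the replacement string and then hands the result to eval(). Text captured
// from user input therefore becomes part of PHP source code rather than data.
// (/e was deprecated in PHP 5.5 and removed in PHP 7.0; this only runs on older PHP.)
function render_links_unsafe(string $text): string {
    return preg_replace(
        '/\[\[([^|\]]+)\|([^\]]+)\]\]/e',
        '"<a href=\"$1\">$2</a>"',
        $text
    );
}

// Safe: preg_replace_callback() passes the captured groups to a real PHP function
// as plain strings. Nothing is evaluated, and the output is escaped for HTML.
function render_links_safe(string $text): string {
    return preg_replace_callback(
        '/\[\[([^|\]]+)\|([^\]]+)\]\]/',
        function (array $m): string {
            $href  = htmlspecialchars($m[1], ENT_QUOTES, 'UTF-8');
            $label = htmlspecialchars($m[2], ENT_QUOTES, 'UTF-8');
            return '<a href="' . $href . '">' . $label . '</a>';
        },
        $text
    );
}

// Constructed sample: a plain link and one whose label carries quotes and a '<'.
$sample = 'See [[wiki:start|Home page]] and [[wiki:syntax|a "quoted" <label>]].';
echo render_links_safe($sample), PHP_EOL;
// The callback form escapes the quotes and angle brackets and never evaluates
// the label; the /e form would have spliced that same text into eval()'d code.
```

A quick audit check for code bases of that era is to grep for `preg_replace` calls whose pattern ends in a modifier set containing `e` and convert each one to a callback.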



While searching for the perfect Wiki PHP application for my own German/Korean wiki, I tested DokuWiki and found an ugly security hole that allows remote PHP code injection through its AJAX spellchecking service.



Member of the PHP Magazine Network, Copyright (C) 2005-2008 phpmagazine.net All Rights Reserved