CVE-2010-0289

CVE Descriptions

Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control rules, and other unspecified requests, via unknown vectors.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-352	Cross-Site Request Forgery (CSRF) The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	6.8		AV:N/AC:M/Au:N/C:P/I:P/A:P	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	1.78%	–	–
2022-03-06	–	–	1.78%	–	–
2022-04-03	–	–	1.78%	–	–
2022-07-17	–	–	1.78%	–	–
2023-02-05	–	–	1.96%	–	–
2023-02-19	–	–	1.78%	–	–
2023-02-26	–	–	1.78%	–	–
2023-03-12	–	–	–	0.33%	–
2023-04-30	–	–	–	0.33%	–
2023-10-15	–	–	–	0.33%	–
2024-02-11	–	–	–	0.33%	–
2024-04-14	–	–	–	0.33%	–
2024-06-02	–	–	–	0.33%	–
2024-11-10	–	–	–	0.33%	–
2024-12-22	–	–	–	0.35%	–
2025-01-05	–	–	–	0.35%	–
2025-01-19	–	–	–	0.35%	–
2025-03-18	–	–	–	–	0.4%
2025-03-30	–	–	–	–	0.4%
2025-04-15	–	–	–	–	0.4%
2025-04-15	–	–	–	–	0.4,%

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Date	Percentile
2022-02-06	54%
2022-03-06	55%
2022-04-03	75%
2022-07-17	76%
2023-02-05	78%
2023-02-19	76%
2023-02-26	77%
2023-03-12	66%
2023-04-30	67%
2023-10-15	68%
2024-02-11	7%
2024-04-14	71%
2024-06-02	71%
2024-11-10	72%
2024-12-22	71%
2025-01-05	72%
2025-01-19	72%
2025-03-18	59%
2025-03-30	58%
2025-04-15	6%
2025-04-15	6%

Products Mentioned

Configuraton 0

Dokuwiki>>Dokuwiki >> Version To (including) release_2009-02-14

Dokuwiki>>Dokuwiki >> Version 2004-07-04 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-07-07 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-07-12 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-07-21 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-07-25 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-08-08 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-08-15a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-08-22 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-09-12 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-09-25 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-09-30 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-10-19 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-11-01 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-11-02 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2004-11-10 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-01-14 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-01-15 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-01-16 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-01-16a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-02-06 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-02-18 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-05-07 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-07-01 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-07-13 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-09-19 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2005-09-22 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2006-03-05 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2006-03-09 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2006-03-09e (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2006-06-04 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2006-11-06 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2007-06-26 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2007-07-13 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2008-05-04 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2008-05-05 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2009-02-14 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2009-02-14b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2009-12-25 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2009-12-25c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2010-11-07 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2010-11-07a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2010-11-07b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2011-05-25 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2011-05-25a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2011-05-25c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2011_05_25 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2011_05_25a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2012-01-25 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2012-01-25a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2012-01-25b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2012-01-25c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2012-10-13 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2013-05-10 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2013-05-10a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2013-12-08 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2013-12-08a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-05-05 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-05-05a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-05-05b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-05-05c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-05-05d (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-05-05e (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-09-29 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-09-29a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-09-29b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-09-29c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014-09-29d (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014_05_05c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014_05_05d (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014_05_05e (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014_09_29b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014_09_29c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2014_09_29d (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2015-08-10 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2015-08-10a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2016-06-26 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2016-06-26a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2016-06-26b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2016-06-26c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2016-06-26d (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2016-06-26e (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2017-02-19 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2017-02-19a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2017-02-19b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2017-02-19c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2017-02-19d (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2017-02-19e (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2017-02-19f (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2018-04-22 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2018-04-22a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2018-04-22b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2018-04-22c (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2020-07-29 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2020-07-29a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2022-07-31 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2022-07-31a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2022-07-31b (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2023-04-04 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version 2023-04-04a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version rc2009-01-30 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version rc2009-02-06 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-07-04 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-07-07 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-07-12 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-07-21 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-07-25 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-08-08 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-08-15a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-08-22 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-09-12 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-09-25 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-09-30 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-10-19 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-11-01 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-11-02 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2004-11-10 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-01-14 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-01-15 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-01-16a (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-02-06 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-02-18 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-05-07 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-07-01 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-07-13 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-09-19 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2005-09-22 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2006-03-05 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2006-03-09 (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2006-03-09e (Open CPE detail)
Dokuwiki>>Dokuwiki >> Version release_2006-06-04 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-07-04

Dokuwiki>>Dokuwiki >> Version 2004-07-04 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-07-07

Dokuwiki>>Dokuwiki >> Version 2004-07-07 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-07-12

Dokuwiki>>Dokuwiki >> Version 2004-07-12 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-07-21

Dokuwiki>>Dokuwiki >> Version 2004-07-21 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-07-25

Dokuwiki>>Dokuwiki >> Version 2004-07-25 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-08-08

Dokuwiki>>Dokuwiki >> Version 2004-08-08 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-08-15a

Dokuwiki>>Dokuwiki >> Version 2004-08-15a (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-08-22

Dokuwiki>>Dokuwiki >> Version 2004-08-22 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-09-12

Dokuwiki>>Dokuwiki >> Version 2004-09-12 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-09-25

Dokuwiki>>Dokuwiki >> Version 2004-09-25 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-09-30

Dokuwiki>>Dokuwiki >> Version 2004-09-30 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-11-01

Dokuwiki>>Dokuwiki >> Version 2004-11-01 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-11-02

Dokuwiki>>Dokuwiki >> Version 2004-11-02 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2004-11-10

Dokuwiki>>Dokuwiki >> Version 2004-11-10 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-01-14

Dokuwiki>>Dokuwiki >> Version 2005-01-14 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-01-15

Dokuwiki>>Dokuwiki >> Version 2005-01-15 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-01-16a

Dokuwiki>>Dokuwiki >> Version 2005-01-16a (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-02-06

Dokuwiki>>Dokuwiki >> Version 2005-02-06 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-02-18

Dokuwiki>>Dokuwiki >> Version 2005-02-18 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-05-07

Dokuwiki>>Dokuwiki >> Version 2005-05-07 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-07-01

Dokuwiki>>Dokuwiki >> Version 2005-07-01 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-07-13

Dokuwiki>>Dokuwiki >> Version 2005-07-13 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-09-19

Dokuwiki>>Dokuwiki >> Version 2005-09-19 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2005-09-22

Dokuwiki>>Dokuwiki >> Version 2005-09-22 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2006-03-05

Dokuwiki>>Dokuwiki >> Version 2006-03-05 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2006-03-09

Dokuwiki>>Dokuwiki >> Version 2006-03-09 (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2006-03-09e

Dokuwiki>>Dokuwiki >> Version 2006-03-09e (Open CPE detail)

Dokuwiki>>Dokuwiki >> Version 2006-06-04

Dokuwiki>>Dokuwiki >> Version 2006-06-04 (Open CPE detail)

References

http://bugs.splitbrain.org/index.php?do=details&task_id=1853
Tags : x_refsource_CONFIRM

http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034729.html
Tags : vendor-advisory, x_refsource_FEDORA

http://security.gentoo.org/glsa/glsa-201301-07.xml
Tags : vendor-advisory, x_refsource_GENTOO

http://www.splitbrain.org/blog/2010-01/17-dokuwiki-security
Tags : x_refsource_CONFIRM

http://freshmeat.net/projects/dokuwiki/tags/security-fix
Tags : x_refsource_CONFIRM

http://www.debian.org/security/2010/dsa-1976
Tags : vendor-advisory, x_refsource_DEBIAN

http://osvdb.org/61708
Tags : vdb-entry, x_refsource_OSVDB

http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034831.html
Tags : vendor-advisory, x_refsource_FEDORA

http://secunia.com/advisories/38205
Tags : third-party-advisory, x_refsource_SECUNIA

CVE-2010-0289 : Detail