aelsantex runcommand 2014-04-01 - Unauthenticated OS Command Injection via postaction.php
aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated attackers to execute arbitrary system commands via lib/plugins/runcommand/postaction.php.