EIP-2026-106511

PRE-CVE

DokuWiki 2006-03-09b - 'dwpage.php' System Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106511. PoCs published by rgod.

AI-analyzed exploit summary This exploit targets a file disclosure vulnerability in DokuWiki <= 2006-03-09b by manipulating the 'dwpage.php' script to disclose arbitrary files. It sends crafted HTTP requests to read the contents of specified files, such as configuration files or system files.

Description

DokuWiki 2006-03-09b - 'dwpage.php' System Disclosure

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/2322

View Code ZIP pw:eip

This exploit targets a file disclosure vulnerability in DokuWiki <= 2006-03-09b by manipulating the 'dwpage.php' script to disclose arbitrary files. It sends crafted HTTP requests to read the contents of specified files, such as configuration files or system files.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: DokuWiki <= 2006-03-09b

No auth needed

Prerequisites: register_argc_argv = On in PHP configuration · Access to the target server

MITRE ATT&CK

T1083 - File and Directory Discovery T1119 - Automated Collection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026