CVE-2024-58281

Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload process by crafting a PHP shell with a command execution form to gain system access through...

CVE-2024-58281 Dotclear 2.29 Remote Code Execution via Authenticated File Upload

Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload process by crafting a PHP shell with a command execution form to gain system access through...

EUVD-2016-10680

Malware in sbrugna...

EUVD-2011-4983

Malware in sbrugna...

EUVD-2016-8751

Malware in sbrugna...

EUVD-2015-5602

Malware in sbrugna...

EUVD-2018-17459

Malware in sbrugna...

EUVD-2016-8752

Malware in sbrugna...

EUVD-2014-1688

Malware in sbrugna...

EUVD-2014-3720

Malware in sbrugna...

EUVD-2005-3952

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-7903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dotclear before 2.10.3, when the Host header is not part of the web server routing process, allows remote attackers to modify the password reset address link vi...

Linux Distros Unpatched Vulnerability : CVE-2015-8832

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2 allow remote authenticated users with manage their own medi...

Linux Distros Unpatched Vulnerability : CVE-2018-16358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to uplo...

Linux Distros Unpatched Vulnerability : CVE-2015-5651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in Dotclear before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2024-27626

A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...

CVE-2011-5083

Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory...

Dotclear 2.29 Shell Upload

Dotclear version 2.29 proof of concept remote shell upload exploit that leverages a previously discovered vulnerability from 2024. ============================================================================================================================================= | Title : Dotclear 2.29...

UBUNTU-CVE-2015-8832

Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2 allow remote authenticated users with "manage their own media items" and "manage their own entries and comments" permissions to execute arbitrary PHP code by uploading a file with a 1 .pht, 2 .php...

[KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability

------------------------------------------------------------------------ Dotclear = 2.6.2 Media Manager Unrestricted File Upload Vulnerability ------------------------------------------------------------------------ - Software Link: http://dotclear.org/ - Affected Versions: Version 2.6.2 and...