CVE-2024-58281 Dotclear 2.29 Remote Code Execution via Authenticated File Upload
Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload process by crafting a PHP shell with a command execution form to gain system access through...
EUVD-2016-8752
Malware in sbrugna...
EUVD-2015-5602
Malware in sbrugna...
EUVD-2018-17459
Malware in sbrugna...
EUVD-2016-8751
Malware in sbrugna...
EUVD-2005-3952
Malware in sbrugna...
EUVD-2014-3720
Malware in sbrugna...
EUVD-2014-1688
Malware in sbrugna...
EUVD-2011-4983
Malware in sbrugna...
EUVD-2016-10680
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-16358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A cross-site scripting (XSS) vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to uplo...
Linux Distros Unpatched Vulnerability : CVE-2015-8832
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2 allow remote authenticated users with "manage their own medi...
Linux Distros Unpatched Vulnerability : CVE-2015-5651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Linux Distros Unpatched Vulnerability : CVE-2016-7903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Dotclear before 2.10.3, when the Host header is not part of the web server routing process, allows remote attackers to modify the password reset address link vi...
CVE-2024-27626
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
CVE-2011-5083
Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory...
Dotclear 2.29 Shell Upload
Dotclear version 2.29 proof of concept remote shell upload exploit that leverages a previously discovered vulnerability from 2024. Title: Dotclear 2.29...
UBUNTU-CVE-2015-8832
Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2 allow remote authenticated users with "manage their own media items" and "manage their own entries and comments" permissions to execute arbitrary PHP code by uploading a file with a (1) .pht, (2) .php...
[KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability
Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability - Software Link: http://dotclear.org/ - Affected Versions: Version 2.6.2 and...