314 matches found
CVE-2024-27626
A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
CVE-2011-1584
The updateFile function in inc/core/class.dc.media.php in the Media Manager in Dotclear before 2.2.3 does not properly restrict pathnames, which allows remote authenticated users to upload and execute arbitrary PHP code via the mediapath or mediafile parameter. NOTE: some of these details are...
CVE-2011-5083
Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory...
Dotclear 2.29 Shell Upload
Dotclear version 2.29 proof of concept remote shell upload exploit that leverages a previously discovered vulnerability from 2024. ============================================================================================================================================= | Title : Dotclear 2.29...
Dotclear 2.29 - Remote Code Execution Exploit
Exploit Title: Dotclear 2.29 - Remote Code Execution RCE Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: https://git.dotclear.org/explore/repos Software Link: https://github.com/dotclear/dotclear/archive/refs/heads/master.zip Tested Version: v2.29 latest Tested on: MacOS import requests import...
Dotclear 2.29 - Remote Code Execution (RCE)
Exploit Title: Dotclear 2.29 - Remote Code Execution RCE Discovered by: Ahmet Ümit BAYRAM Discovered Date: 26.04.2024 Vendor Homepage: https://git.dotclear.org/explore/repos Software Link: https://github.com/dotclear/dotclear/archive/refs/heads/master.zip Tested Version: v2.29 latest Tested on:...
CVE-2024-27626
A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
UBUNTU-CVE-2024-27626
A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
CVE-2024-27626
A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
Dotclear 安全漏洞
Dotclear is an open source blog publishing application from Dotclear Open Source. A security vulnerability exists in Dotclear version 2.29, which stems from a reflected cross-site scripting XSS vulnerability in the Search function of Admin Panel...
Cross site scripting
A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
CVE-2024-27626
A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
PT-2024-21975 · Dotclear · Dotclear
Name of the Vulnerable Software and Affected Versions: Dotclear version 2.29 Description: A Reflected Cross-Site Scripting XSS issue has been identified in the Search functionality of the Admin Panel. Recommendations: For Dotclear version 2.29, consider disabling the Search functionality within t...
CVE-2024-27626
CVE-2024-27626 affects Dotclear 2.29, with a Reflected Cross-Site Scripting (XSS) issue in the Admin Panel Search function. The CVE entry lists CVSSv3.1 metrics: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (base score 6.1, MEDIUM). Impact is limited to confidentiality and integrity (LOW) with no availabi...
CVE-2024-27626
A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
CVE-2024-27626
A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...
Dotclear 2.29 Cross Site Scripting Vulnerability
Exploit Title: Dotclear Version : 2.29 - Reflected XSS Exploit Author: tmrswrr Vendor Homepage: https://dotclear.org/ Version : 2.29 Tested on: https://softaculous.com/demos/dotclear 1 Enter admin panel after write search button this payload : " 2...
Dotclear 2.29 Cross Site Scripting
Exploit Title: Dotclear Version : 2.29 - Reflected XSS Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://dotclear.org/ Version : 2.29 Tested on: https://softaculous.com/demos/dotclear 1 Enter admin panel after write search button this payload : " 2...
dotclear 2.25.3 Shell Upload
Exploit Title: dotclear 2.25.3 - Remote Code Execution RCE Authenticated Application: dotclear Version: 2.25.3 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://dotclear.org/ Software Link: https://dotclear.org/download Date of found: 08.04.2023...
dotclear 2.25.3 - Remote Code Execution (Authenticated) Exploit
Exploit Title: dotclear 2.25.3 - Remote Code Execution RCE Authenticated Application: dotclear Version: 2.25.3 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://dotclear.org/ Software Link: https://dotclear.org/download Date of found: 08.04.2023...