Lucene search
K

314 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:39 a.m.8 views

CVE-2024-27626

A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...

6.1CVSS5.7AI score0.00429EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:53 a.m.6 views

CVE-2011-1584

The updateFile function in inc/core/class.dc.media.php in the Media Manager in Dotclear before 2.2.3 does not properly restrict pathnames, which allows remote authenticated users to upload and execute arbitrary PHP code via the mediapath or mediafile parameter. NOTE: some of these details are...

6.5CVSS7.6AI score0.01691EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:46 a.m.8 views

CVE-2011-5083

Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory...

7.5CVSS8.2AI score0.033EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2025/03/13 12:0 a.m.280 views

Dotclear 2.29 Shell Upload

Dotclear version 2.29 proof of concept remote shell upload exploit that leverages a previously discovered vulnerability from 2024. ============================================================================================================================================= | Title : Dotclear 2.29...

7.5AI score
Exploits0
0day.today
0day.today
added 2024/06/04 12:0 a.m.273 views

Dotclear 2.29 - Remote Code Execution Exploit

Exploit Title: Dotclear 2.29 - Remote Code Execution RCE Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: https://git.dotclear.org/explore/repos Software Link: https://github.com/dotclear/dotclear/archive/refs/heads/master.zip Tested Version: v2.29 latest Tested on: MacOS import requests import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/06/03 12:0 a.m.257 views

Dotclear 2.29 - Remote Code Execution (RCE)

Exploit Title: Dotclear 2.29 - Remote Code Execution RCE Discovered by: Ahmet Ümit BAYRAM Discovered Date: 26.04.2024 Vendor Homepage: https://git.dotclear.org/explore/repos Software Link: https://github.com/dotclear/dotclear/archive/refs/heads/master.zip Tested Version: v2.29 latest Tested on:...

7.4AI score
Exploits0
NVD
NVD
added 2024/03/21 2:52 a.m.11 views

CVE-2024-27626

A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...

6.1CVSS5.5AI score0.00429EPSS
Exploits0References1
OSV
OSV
added 2024/03/21 2:52 a.m.2 views

UBUNTU-CVE-2024-27626

A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...

6.1CVSS5.7AI score0.00429EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/03/21 2:52 a.m.13 views

CVE-2024-27626

A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...

6.1CVSS5.7AI score0.00429EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.4 views

Dotclear 安全漏洞

Dotclear is an open source blog publishing application from Dotclear Open Source. A security vulnerability exists in Dotclear version 2.29, which stems from a reflected cross-site scripting XSS vulnerability in the Search function of Admin Panel...

6.1CVSS5.6AI score0.00429EPSS
Exploits0References2
Prion
Prion
added 2024/03/14 10:53 p.m.35 views

Cross site scripting

A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...

6.1AI score0.00429EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/05 12:0 a.m.17 views

CVE-2024-27626

A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...

5.6AI score0.00429EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.4 views

PT-2024-21975 · Dotclear · Dotclear

Name of the Vulnerable Software and Affected Versions: Dotclear version 2.29 Description: A Reflected Cross-Site Scripting XSS issue has been identified in the Search functionality of the Admin Panel. Recommendations: For Dotclear version 2.29, consider disabling the Search functionality within t...

6.1CVSS6.1AI score0.00429EPSS
Exploits0References10
CVE
CVE
added 2024/03/05 12:0 a.m.45 views

CVE-2024-27626

CVE-2024-27626 affects Dotclear 2.29, with a Reflected Cross-Site Scripting (XSS) issue in the Admin Panel Search function. The CVE entry lists CVSSv3.1 metrics: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (base score 6.1, MEDIUM). Impact is limited to confidentiality and integrity (LOW) with no availabi...

6.1CVSS5.7AI score0.00429EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/03/05 12:0 a.m.2 views

CVE-2024-27626

A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...

6.1CVSS5.8AI score0.00429EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/05 12:0 a.m.15 views

CVE-2024-27626

A Reflected Cross-Site Scripting XSS vulnerability has been identified in Dotclear version 2.29. The flaw exists within the Search functionality of the Admin Panel...

5.7AI score0.00429EPSS
Exploits0References1
0day.today
0day.today
added 2024/02/22 12:0 a.m.299 views

Dotclear 2.29 Cross Site Scripting Vulnerability

Exploit Title: Dotclear Version : 2.29 - Reflected XSS Exploit Author: tmrswrr Vendor Homepage: https://dotclear.org/ Version : 2.29 Tested on: https://softaculous.com/demos/dotclear 1 Enter admin panel after write search button this payload : " 2...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.297 views

Dotclear 2.29 Cross Site Scripting

Exploit Title: Dotclear Version : 2.29 - Reflected XSS Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://dotclear.org/ Version : 2.29 Tested on: https://softaculous.com/demos/dotclear 1 Enter admin panel after write search button this payload : " 2...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/10 12:0 a.m.263 views

dotclear 2.25.3 Shell Upload

Exploit Title: dotclear 2.25.3 - Remote Code Execution RCE Authenticated Application: dotclear Version: 2.25.3 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://dotclear.org/ Software Link: https://dotclear.org/download Date of found: 08.04.2023...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/04/10 12:0 a.m.237 views

dotclear 2.25.3 - Remote Code Execution (Authenticated) Exploit

Exploit Title: dotclear 2.25.3 - Remote Code Execution RCE Authenticated Application: dotclear Version: 2.25.3 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://dotclear.org/ Software Link: https://dotclear.org/download Date of found: 08.04.2023...

6.8AI score
Exploits0
Rows per page
Query Builder