Lucene search
K

314 matches found

Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.427 views

dotclear 2.25.3 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: dotclear 2.25.3 - Remote Code Execution RCE Authenticated Application: dotclear Version: 2.25.3 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://dotclear.org/ Software Link: https://dotclear.org/download Date of found: 08.04.2023...

7.4AI score
Exploits0
Prion
Prion
added 2018/09/02 10:29 p.m.16 views

Cross site scripting

A cross-site scripting XSS vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml...

3.5CVSS4.9AI score0.0068EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/09/02 10:29 p.m.22 views

CVE-2018-16358

A cross-site scripting XSS vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml...

5.4CVSS5AI score0.0068EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/09/02 10:29 p.m.26 views

CVE-2018-16358

A cross-site scripting XSS vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml...

5.4CVSS6.1AI score0.0068EPSS
Exploits0References2
OSV
OSV
added 2018/09/02 10:29 p.m.7 views

UBUNTU-CVE-2018-16358

A cross-site scripting XSS vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml...

5.4CVSS5.9AI score0.0068EPSS
Exploits0References3
OSV
OSV
added 2018/09/02 10:29 p.m.16 views

CVE-2018-16358

A cross-site scripting XSS vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml...

5.4CVSS4.8AI score
Exploits0References1
CVE
CVE
added 2018/09/02 10:0 p.m.47 views

CVE-2018-16358

CVE-2018-16358 is a cross-site scripting (XSS) vulnerability in Dotclear’s media manager (inc/core/class.dc.core.php) up to version 2.14.1. It allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml. The issue’s root cause is an XSS flaw i...

5.4CVSS4.9AI score0.0068EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/09/02 10:0 p.m.24 views

CVE-2018-16358

A cross-site scripting XSS vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml...

5AI score0.0068EPSS
Exploits0References1
CNVD
CNVD
added 2018/01/15 12:0 a.m.3 views

Dotclear admin/users.php file cross-site scripting vulnerability

Dotclear is a software developer Olivier Meunier developed a free PHP and MySQL-based blog Blog publishing software. A cross-site scripting vulnerability exists in the admin/users.php file in Dotclear version 2.12.1. A remote attacker can exploit this vulnerability by injecting arbitrary web scri...

5.4CVSS6.1AI score0.00904EPSS
Exploits0References1
CNVD
CNVD
added 2018/01/15 12:0 a.m.3 views

Dotclear admin/auth.php file cross-site scripting vulnerability

Dotclear is a software developer Olivier Meunier developed a free PHP and MySQL-based blog Blog publishing software. A cross-site scripting vulnerability exists in the admin/auth.php file in Dotclear version 2.12.1. This vulnerability can be exploited by remote attackers to inject arbitrary web...

5.4CVSS6AI score0.00904EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/01/14 4:29 a.m.35 views

CVE-2018-5690

Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...

5.4CVSS6.2AI score0.00904EPSS
Exploits0References3
NVD
NVD
added 2018/01/14 4:29 a.m.26 views

CVE-2018-5690

Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...

5.4CVSS5.1AI score0.00904EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/01/14 4:29 a.m.32 views

CVE-2018-5689

Cross-site scripting XSS vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email...

5.4CVSS6.2AI score0.00904EPSS
Exploits0References3
Prion
Prion
added 2018/01/14 4:29 a.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email...

3.5CVSS5AI score0.00904EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/01/14 4:29 a.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...

3.5CVSS5AI score0.00904EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/01/14 4:29 a.m.16 views

CVE-2018-5689

Cross-site scripting XSS vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email...

5.4CVSS5.1AI score0.00904EPSS
Exploits0References2
OSV
OSV
added 2018/01/14 4:29 a.m.11 views

CVE-2018-5690

Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...

5.4CVSS5.6AI score
Exploits0References2
OSV
OSV
added 2018/01/14 4:29 a.m.13 views

CVE-2018-5689

Cross-site scripting XSS vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email...

5.4CVSS5.6AI score
Exploits0References2
OSV
OSV
added 2018/01/14 4:29 a.m.3 views

UBUNTU-CVE-2018-5689

Cross-site scripting XSS vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email...

5.4CVSS5.9AI score0.00904EPSS
Exploits0References4
OSV
OSV
added 2018/01/14 4:29 a.m.5 views

UBUNTU-CVE-2018-5690

Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...

5.4CVSS6.2AI score0.00904EPSS
Exploits0References4
Rows per page
Query Builder