Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dotclear dotclear vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2005-3957
Unspecified vulnerability in the Trackback functionality in DotClear 1.2.1 has unknown impact and attack vectors.
Dotclear Dotclear 1.2.1
828
VMScore
CVE-2008-3232
Unrestricted file upload vulnerability in ecrire/images.php in Dotclear 1.2.7.1 and previous versions allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images.
Dotclear Dotclear 1.2.2
Dotclear Dotclear 1.2.3
Dotclear Dotclear 1.2.6
Dotclear Dotclear
Dotclear Dotclear 1.2.1
Dotclear Dotclear 1.2.4
Dotclear Dotclear 1.2.5
801
VMScore
CVE-2016-9268
Unrestricted file upload vulnerability in the Blog appearance in the "Install or upgrade manually" module in Dotclear up to and including 2.10.4 allows remote authenticated super-administrators to execute arbitrary code by uploading a theme file with an zip extension, a...
Dotclear Dotclear
755
VMScore
CVE-2005-3963
SQL injection vulnerability in session.php in DotClear prior to 1.2.3 allows remote malicious users to execute arbitrary SQL commands via the dc_xd parameter in a cookie.
Dotclear Dotclear 1.2.1
Dotclear Dotclear 1.2.2
1 EDB exploit
668
VMScore
CVE-2014-1613
Dotclear prior to 2.6.2 allows remote malicious users to execute arbitrary PHP code via a serialized object in the dc_passwd cookie to a password-protected page, which is not properly handled by (1) inc/public/lib.urlhandlers.php or (2) plugins/pages/_public.php.
Dotclear Dotclear 2.4.2
Dotclear Dotclear 2.0.2
Dotclear Dotclear 2.0.1
Dotclear Dotclear 2.0
Dotclear Dotclear 2.5.1
Dotclear Dotclear 2.5.0
Dotclear Dotclear 2.4.4
Dotclear Dotclear 2.4.3
Dotclear Dotclear 2.2
Dotclear Dotclear 2.1.7
Dotclear Dotclear 2.1.6
Dotclear Dotclear 2.1.5
Dotclear Dotclear 2.3.0
Dotclear Dotclear 2.2.2
Dotclear Dotclear 2.1.3
Dotclear Dotclear 2.1
Dotclear Dotclear 2.6
Dotclear Dotclear 2.5.3
Dotclear Dotclear 2.3.1
Dotclear Dotclear 2.2.3
Dotclear Dotclear 2.2.1
Dotclear Dotclear 2.1.4
668
VMScore
CVE-2011-5083
Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote malicious users to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory...
Dotclear Dotclear 2.4.2
Dotclear Dotclear 2.3.1
578
VMScore
CVE-2015-8832
Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear prior to 2.8.2 allow remote authenticated users with "manage their own media items" and "manage their own entries and comments" permissions to execute arbitrary PHP code by...
Dotclear Dotclear
578
VMScore
CVE-2016-7902
Unrestricted file upload vulnerability in the fileUnzip->unzip method in Dotclear prior to 2.10.3 allows remote authenticated users with permissions to manage media items to execute arbitrary code by uploading a ZIP file containing a file with a crafted extension, as demonstra...
Dotclear Dotclear
578
VMScore
CVE-2011-1584
The updateFile function in inc/core/class.dc.media.php in the Media Manager in Dotclear prior to 2.2.3 does not properly restrict pathnames, which allows remote authenticated users to upload and execute arbitrary PHP code via the media_path or media_file parameter. NOTE: some of ...
Dotclear Dotclear 2.0
Dotclear Dotclear 2.1.7
Dotclear Dotclear 2.1.6
Dotclear Dotclear 2.1.5
Dotclear Dotclear 2.1
Dotclear Dotclear 1.2.2
Dotclear Dotclear
Dotclear Dotclear 2.2
Dotclear Dotclear 1.2.8
Dotclear Dotclear 1.2.7
Dotclear Dotclear 2.0.1
Dotclear Dotclear 2.0.2
Dotclear Dotclear 1.2.6
Dotclear Dotclear 1.2.3
Dotclear Dotclear 1.2.4
Dotclear Dotclear 2.1.4
Dotclear Dotclear 2.1.1
Dotclear Dotclear 1.2.1
Dotclear Dotclear 1.2.5
Dotclear Dotclear 2.1.3
Dotclear Dotclear 2.2.1
534
VMScore
CVE-2014-3782
Multiple incomplete blacklist vulnerabilities in the filemanager::isFileExclude method in the Media Manager in Dotclear prior to 2.6.3 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) double extension or (2) .php5, (3) .phtml, or some ...
Dotclear Dotclear 2.6.1
Dotclear Dotclear 2.6
Dotclear Dotclear
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »