Path Traversal Flaw in Media Manager of Dotclear
CVE-2011-1584

Currently unrated

Key Information:

Vendor

Dotclear

Status
Dotclear
Vendor
CVE Published:
8 June 2011

What is CVE-2011-1584?

The updateFile function in the Media Manager of Dotclear prior to version 2.2.3 suffers from a path traversal vulnerability. This flaw enables remote authenticated users to upload and execute arbitrary PHP code by manipulating the media_path or media_file parameters. Consequently, this could lead to severe security breaches if exploited, allowing unauthorized access to sensitive server resources.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://openwall.com/lists/oss-security/2011/04/13/19
mailing-listx_refsource_MLIST
http://openwall.com/lists/oss-security/2011/04/15/7
mailing-listx_refsource_MLIST
http://openwall.com/lists/oss-security/2011/04/15/11
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.