Unrestricted File Upload Vulnerability in Dotclear Affects Multiple Versions
CVE-2011-5083

Currently unrated

Key Information:

Vendor

Dotclear

Status
Dotclear
Vendor
CVE Published:
19 March 2012

What is CVE-2011-5083?

The vulnerability in Dotclear allows attackers to upload arbitrary files, specifically executable PHP scripts, through the 'swfupload.swf' file. This occurs in versions 2.3.1 and 2.4.2, where inadequate file validation mechanisms enable the execution of malicious code by accessing the uploaded file directly. This loophole poses significant risks to affected Dotclear installations, potentially compromising the underlying server.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.osvdb.org/79665
vdb-entryx_refsource_OSVDB
http://cxsecurity.com/issue/WLB-2011090012
x_refsource_MISC
http://www.exploit-db.com/exploits/18529
exploitx_refsource_EXPLOIT-DB

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.