CVE-2011-5083

Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:dotclear:dotclear:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:dotclear:dotclear:2.4.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-03-19 18:55

Updated : 2024-02-04 17:54


NVD link : CVE-2011-5083

Mitre link : CVE-2011-5083

CVE.ORG link : CVE-2011-5083


JSON object : View

Products Affected

dotclear

  • dotclear
CWE
CWE-264

Permissions, Privileges, and Access Controls