AOH :: HP Unsorted D :: BX2801.HTM

Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability



Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability
Dotclear 'ecrire/images.php' Arbitrary File Upload Vulnerability



#####################################################################

Advisory #1 "Dotclear 'ecrire/images.php' Arbitrary File Upload 
Vulnerability"

$ Author : Morgan ARMAND
$ Contact : armand_m at epitech dot net
$ Vendor URL : http://www.dotclear.net 
$ Vendor Contacted : 07/04/2008
$ Vendor Status : No response
$ Affected Software : Dotclear <= 1.2.7.1
$ Severity : Medium / Critical

#####################################################################

Vulnerability:

Dotclear is prone to an arbitrary script upload vulnerability.

The vulnerability is caused due to missing validation of the file extension.

If successfully exploited, an attacker can execute arbitrary script code 
on a vulnerable server.
You need to have an account in order to access to the vulnerable page.

All versions of Dotclear are considered vulnerable at the moment.



The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.