Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

Dotclear

Dotclear is an open-source web publishing software to provide a user-friendly tool allowing anyone to publish on the web regardless of their technical skills.

Official Site:

https://dotclear.org/

Severity Summary:

Critical: 2 High: 6 Medium: 19 Low: 2
Reference
Title
Severity
CVE-2008-3232
Dotclear Improper Control of Generation of Code (Code Injection) Vulnerability
Critical
CVE-2005-3957
Dotclear Other Vulnerability
Critical
CVE-2014-1613
Dotclear Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2005-3963
Dotclear Other Vulnerability
High
CVE-2016-7902
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2016-9268
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2015-8832
Dotclear Improper Access Control Vulnerability
High
CVE-2011-5083
Dotclear Permissions Privileges and Access Controls Vulnerability
High
CVE-2006-2866
Dotclear Other Vulnerability
Medium
CVE-2006-3938
Dotclear Other Vulnerability
Medium
CVE-2007-1989
Dotclear Other Vulnerability
Medium
CVE-2007-3672
Dotclear Other Vulnerability
Medium
CVE-2009-0933
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-1584
Dotclear Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2012-1039
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-16358
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-3783
Dotclear Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Medium
CVE-2018-5690
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-3782
Dotclear Other Vulnerability
Medium
CVE-2014-5316
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5651
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-8831
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-6523
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-9891
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-6446
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-5689
Dotclear Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-3781
Dotclear Improper Authentication Vulnerability
Medium
CVE-2007-3688
Dotclear Other Vulnerability
Low
CVE-2016-7903
Dotclear Permissions Privileges and Access Controls Vulnerability
Low