Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Dotclear Other Vulnerability - CVE-2006-2866 - Vulnerability Database
Dotclear

Dotclear Other Vulnerability - CVE-2006-2866

Medium
Reference: CVE-2006-2866
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2006-2866
Title: Dotclear Other Vulnerability
Overview:

PHP remote file inclusion vulnerability in layout/prepend.php in DotClear 1.2.4 and earlier allows remote attackers to execute arbitrary PHP code via a FTP URL in the blog_dc_path parameter which passes file_exists() and is_dir() tests on PHP 5.