Dotclear Multiple Vulnerabilities

Summary
This host is installed with Dotclear and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to bypass authentication mechanisms, inject or manipulate SQL queries in the back-end database and attacker can to execute uploaded script with the privileges of the web server. Impact Level: System/Application
Solution
Upgrade to version 2.6.3 or higher, For updates refer to http://dotclear.org
Insight
- Flaw in due to 'dcXmlRpc::setUser()' method in 'class.dc.xmlrpc.php' fails to verify passwords before using it. - Flaw is due to is due to the '/admin/categories.php' script not properly sanitizing user-supplied input to the 'categories_order' POST parameter. - Flaw is due to is due to 'filemanager::isFileExclude()' method does not properly verify or sanitize user-uploaded files.
Affected
DotClear version before 2.6.3
Detection
Send a crafted HTTP POST request and try to bypass authentication.
References