Description
Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2019-2799 Vulnerability (CVE-2019-2799)
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.11.8)
WordPress Plugin Store Locator Plus for WordPress Open Email Relay (4.2.25)
Squid Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-4554)
WordPress Plugin CataBlog 'category' Parameter Cross-Site Scripting (1.6.2)