Vulnerabilities > Dotclear > Dotclear > 1.2.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-06 | CVE-2006-2866 | Remote File Include vulnerability in DotClear Prepend.PHP PHP remote file inclusion vulnerability in layout/prepend.php in DotClear 1.2.4 and earlier allows remote attackers to execute arbitrary PHP code via a FTP URL in the blog_dc_path parameter, which passes file_exists() and is_dir() tests on PHP 5. | 5.1 |