virus logo Intrusion Prevention

Dotclear.Media.Manager.Directory.Traversal

description-logoDescription

This indicates an attack attempt to exploit a Directory Traversal vulnerability in Dotclear content management system.
The vulnerability is caused by improper validation of user supplied data when the vulnerable application handles a maliciously crafted request. An attacker can exploit this to execute arbitrary code in the context of the vulnerable application via a crafted request.

affected-products-logoAffected Products

Dotclear 2.9.1 and earlier

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Apply the latest patch from the vendor.
https://dotclear.org/download

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://seclists.org/fulldisclosure/2016/Aug/118
ID 42898
Created Sep 08, 2016
Updated May 02, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Linux
Affected App PHP_app