Intrusion Prevention

Dotclear.Media.Manager.Directory.Traversal

Description

This indicates an attack attempt to exploit a Directory Traversal vulnerability in Dotclear content management system.
The vulnerability is caused by improper validation of user supplied data when the vulnerable application handles a maliciously crafted request. An attacker can exploit this to execute arbitrary code in the context of the vulnerable application via a crafted request.

Affected Products

Dotclear 2.9.1 and earlier

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the latest patch from the vendor.
https://dotclear.org/download