Posted by Curesec Research Team (CRT) on Nov 14

Security Advisory – Curesec Research Team

1. Introduction

Affected Product: dotclear 2.8.1
Fixed in: 2.8.2
Fixed Version Link: http://download.dotclear.org/latest.zip
Vendor Website: http://dotclear.org/
Vulnerability Type: Code Execution
Remote Exploitable: Yes
Reported to vendor: 10/02/2015
Disclosed to public: 11/13/2015
Release mode: Coordinated release
CVE: n/a
Credits Tim Coen of…