Unrated severityNVD Advisory· Published Jul 18, 2008· Updated Apr 23, 2026
CVE-2008-3232
CVE-2008-3232
Description
Unrestricted file upload vulnerability in ecrire/images.php in Dotclear 1.2.7.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images.
Affected products
7cpe:2.3:a:dotclear:dotclear:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:dotclear:dotclear:*:*:*:*:*:*:*:*range: <=1.2.7
- cpe:2.3:a:dotclear:dotclear:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:dotclear:dotclear:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:dotclear:dotclear:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:dotclear:dotclear:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:dotclear:dotclear:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:dotclear:dotclear:1.2.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- osvdb.org/44441nvd
- secunia.com/advisories/29819nvd
- www.dotclear.net/blog/post/2008/04/18/Dotclear-128nvd
- www.dotclear.net/blog/post/2008/04/18/Gestionnaire-de-media-et-types-de-fichiersnvd
- www.openwall.com/lists/oss-security/2008/07/14/2nvd
- www.securityfocus.com/archive/1/490865/100/0/threadednvd
- www.securityfocus.com/bid/28787nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41828nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/44039nvd
News mentions
0No linked articles in our index yet.