CVE-2012-1039

Dotclear <2.4.2 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in Dotclear before 2.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) login_data parameter to admin/auth.php; (2) nb parameter to admin/blogs.php; (3) type, (4) sortby, (5) order, or (6) status parameters to admin/comments.php; or (7) page parameter to admin/plugin.php.

Exploits (4)

exploitdb WORKING POC VERIFIED

by High-Tech Bridge SA · htmlwebappsphp

https://www.exploit-db.com/exploits/36888

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by High-Tech Bridge SA · textwebappsphp

https://www.exploit-db.com/exploits/36889

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by High-Tech Bridge SA · textwebappsphp

https://www.exploit-db.com/exploits/36890

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by High-Tech Bridge SA · textwebappsphp

https://www.exploit-db.com/exploits/36891

View Code ZIP pw:eip

References (6)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2012-02/0183.html

[Patch, Vendor Advisory] http://dotclear.org/blog/post/2012/02/11/Dotclear-2.4.2

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/52221

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/73565

[Exploit] https://www.htbridge.ch/advisory/HTB23074

[Third Party Advisory] http://secunia.com/advisories/48209

Scores

EPSS 0.0316

EPSS Percentile 86.8%

Classification

CWE

CWE-79

Status published

Affected Products (34)

dotclear/dotclear < 2.3.1

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

dotclear/dotclear

... and 19 more

Timeline

Published Mar 19, 2012

Tracked Since Feb 18, 2026