CVE-2024-58281

HIGH

Dotclear 2.29 - Authenticated Remote Code Execution via Media Upload

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-58281. PoCs published by Ahmet Ümit BAYRAM.

AI-analyzed exploit summary This exploit targets Dotclear 2.29 by leveraging authenticated file upload to achieve remote code execution. It uploads a malicious PHP file disguised as an image, which executes system commands via GET parameters.

Description

Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload process by crafting a PHP shell with a command execution form to gain system access through the uploaded file.

Exploits (1)

exploitdb WORKING POC
by Ahmet Ümit BAYRAM · pythonwebappsphp
https://www.exploit-db.com/exploits/52037

This exploit targets Dotclear 2.29 by leveraging authenticated file upload to achieve remote code execution. It uploads a malicious PHP file disguised as an image, which executes system commands via GET parameters.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Dotclear v2.29
Auth required
Prerequisites: Valid credentials for Dotclear admin panel · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 8.8
EPSS 0.0079
EPSS Percentile 51.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-434
Status published
Products (2)
dotclear/dotclear 2.29
dotclear/Dotclear 2.29
Published Dec 10, 2025
Tracked Since Feb 18, 2026