Description
DotCMS allows an unauthenticated user to upload arbitrary files. An attacker can exploit it to achieve remote code execution.
Remediation
Upgrade to the latest version of DotCMS
References
Related Vulnerabilities
WordPress Plugin RBX Gallery 'uploader.php' Arbitrary File Upload (2.1)
WordPress Plugin ReFlex Gallery Arbitrary File Upload (3.1.3)
WordPress Plugin WPtouch Arbitrary File Upload (3.4.6)
WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.5.2)
WordPress Plugin Import any XML or CSV File to WordPress Pro Arbitrary File Upload (4.1.0)