CVE-2007-2901
- EPSS 1.84%
- Veröffentlicht 30.05.2007 10:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:40
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the img parameter to main/inc/lib/fckeditor/editor/plugins/ImageManager/editor.php and other unspecified...
CVE-2007-2902
- EPSS 1.06%
- Veröffentlicht 30.05.2007 10:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:40
SQL injection vulnerability in main/auth/my_progress.php in Dokeos 1.8.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the course parameter.
CVE-2006-3924
- EPSS 1.13%
- Veröffentlicht 28.07.2006 23:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:05
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-2284
- EPSS 6.65%
- Veröffentlicht 10.05.2006 02:14:00
- Zuletzt bearbeitet 16.06.2026 22:24:42
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc....
CVE-2006-2286
- EPSS 1.51%
- Veröffentlicht 10.05.2006 02:14:00
- Zuletzt bearbeitet 16.06.2026 22:24:42
Multiple PHP remote file inclusion vulnerabilities in claro_init_global.inc.php in Dokeos 1.6.3 and earlier, and Dokeos community release 2.0.3, allow remote attackers to execute arbitrary PHP code via a URL in the (1) rootSys and (2) clarolineReposi...
- EPSS 1.64%
- Veröffentlicht 17.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:16
Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier, and possibly Claroline, allow remote attackers to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary file...