CVE-2007-2901
- EPSS 6.99%
- Veröffentlicht 30.05.2007 10:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the img parameter to main/inc/lib/fckeditor/editor/plugins/ImageManager/editor.php and other unspecified...
CVE-2007-2902
- EPSS 0.69%
- Veröffentlicht 30.05.2007 10:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
SQL injection vulnerability in main/auth/my_progress.php in Dokeos 1.8.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the course parameter.
CVE-2006-3924
- EPSS 0.35%
- Veröffentlicht 28.07.2006 23:04:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-2284
- EPSS 9.38%
- Veröffentlicht 10.05.2006 02:14:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc....
CVE-2006-2286
- EPSS 1.11%
- Veröffentlicht 10.05.2006 02:14:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple PHP remote file inclusion vulnerabilities in claro_init_global.inc.php in Dokeos 1.6.3 and earlier, and Dokeos community release 2.0.3, allow remote attackers to execute arbitrary PHP code via a URL in the (1) rootSys and (2) clarolineReposi...
- EPSS 0.29%
- Veröffentlicht 17.08.2005 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier, and possibly Claroline, allow remote attackers to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary file...