Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
claroline claroline vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1375
Multiple SQL injection vulnerabilities in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote malicious users to execute arbitrary SQL commands via (1) learningPath.php, (2) learningPathAdmin.php, (3) learnPath_details.php, (4) modules_p...
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.5.3
4 EDB exploits
NA
CVE-2005-1376
Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.5.3
NA
CVE-2005-1377
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote malicious users to execute arbitrary PHP code via unknown vectors.
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.5.3
NA
CVE-2006-4844
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and previous versions, as used in Dokeos and possibly other products, allows remote malicious users to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Claroline Claroline 1.7.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Claroline Claroline 1.7.4
Claroline Claroline 1.5.4
Claroline Claroline 1.2
Claroline Claroline
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Claroline Claroline 1.6 Beta
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Claroline Claroline 1.7
Claroline Claroline 1.6 Rc1
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Claroline Claroline 1.7.1
Claroline Claroline 1.3
Claroline Claroline 1.7.6
Claroline Claroline 1.4
Claroline Claroline 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Claroline Claroline 1.6
1 EDB exploit
NA
CVE-2007-4741
Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Claroline prior to 1.8.6 allows remote authenticated administrators to inject arbitrary web script or HTML via the sort parameter. NOTE: the provenance of this information is unknown; the details are obtained sol...
Claroline Claroline
NA
CVE-2007-4742
Claroline prior to 1.8.6 allows remote authenticated administrators to obtain sensitive information via an invalid value in the sort parameter to admin/adminusers.php, which reveals the path in an error message in some circumstances, as demonstrated by a parameter value containin...
Claroline Claroline
9.8
CVSSv3
CVE-2022-37159
Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload.
Claroline Claroline
1 Github repository
5.4
CVSSv3
CVE-2022-37160
Claroline 13.5.7 and prior allows an authenticated malicious user to elevate privileges via the arbitrary creation of a privileged user. By combining the XSS vulnerability present in several upload forms and a javascript request to the present API, it is possible to trigger the c...
Claroline Claroline
1 Github repository
6.1
CVSSv3
CVE-2022-37161
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload.
Claroline Claroline
1 Github repository
5.4
CVSSv3
CVE-2022-37162
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS). An attacker can obtain javascript code execution by adding arbitrary javascript code in the 'Location' field of a calendar event.
Claroline Claroline
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »