Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docebo docebo vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-31361
Docebo Community Edition v4.0.5 and below exists to contain a SQL injection vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Docebo Docebo
7.5
CVSSv2
CVE-2009-4742
Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote malicious users to execute arbitrary SQL commands via (1) the word parameter in a play help action to the faq module, reachable through index.php; (2) the word parameter in a play keyw action to the link module...
Docebo Docebo 3.6.0.3
1 EDB exploit
7.5
CVSSv2
CVE-2008-7153
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitr...
Docebo Docebo 3.0.4
Docebo Docebo 3.5 Beta
Docebo Docebo 3.0.3
Docebo Docebo 3.0.5
Docebo Docebo
2 EDB exploits
7.5
CVSSv2
CVE-2006-6963
Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 3.0.3 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[where_lms] parameter to (1) class.module/class.definition.php and (2) modules/scorm/scorm_utils.php. NOTE: this issue may ove...
Docebo Docebo 3.0.3
7.5
CVSSv2
CVE-2006-2668
Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 allow remote malicious users to execute arbitrary PHP code via a URL in the lang parameter to (1) modules/credits/business.php, (2) modules/credits/credits.php, or (3) modules/credits/help.php.
Docebolms Docebolms 2.0.5
1 EDB exploit
6.8
CVSSv2
CVE-2006-6957
PHP remote file inclusion vulnerability in addons/mod_media/body.php in Docebo 3.0.3 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[where_framework] parameter. NOTE: this issue might be...
Docebo Docebo
6.5
CVSSv2
CVE-2022-31362
Docebo Community Edition v4.0.5 and below exists to contain an arbitrary file upload vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Docebo Docebo
6
CVSSv2
CVE-2011-5135
Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and previous versions allow remote authenticated users with admin or teacher privileges to execute arbitrary SQL commands via the (1) coursereportu...
Docebo Docebolms 2.0.4
Docebo Docebolms
Docebo Docebolms 4.0
Docebo Docebolms 2.0.5
1 EDB exploit
5.1
CVSSv2
CVE-2006-3107
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) admin/modules/news/news_class.php and (b) admin/...
Docebo Docebo
5.1
CVSSv2
CVE-2006-2576
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) lib.simplesel.php, (b) lib.filelist.php, (c) tre...
Docebo Docebo
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »