Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docebo docebo vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-31361
Docebo Community Edition v4.0.5 and below exists to contain a SQL injection vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Docebo Docebo
8.8
CVSSv3
CVE-2022-31362
Docebo Community Edition v4.0.5 and below exists to contain an arbitrary file upload vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Docebo Docebo
NA
CVE-2011-5135
Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and previous versions allow remote authenticated users with admin or teacher privileges to execute arbitrary SQL commands via the (1) coursereportu...
Docebo Docebolms 2.0.4
Docebo Docebolms
Docebo Docebolms 4.0
Docebo Docebolms 2.0.5
1 EDB exploit
NA
CVE-2011-3726
DoceboLMS 4.0.4 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php and certain other files.
Docebo Docebolms 4.0.4
NA
CVE-2009-4742
Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote malicious users to execute arbitrary SQL commands via (1) the word parameter in a play help action to the faq module, reachable through index.php; (2) the word parameter in a play keyw action to the link module...
Docebo Docebo 3.6.0.3
1 EDB exploit
NA
CVE-2008-7153
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitr...
Docebo Docebo 3.0.4
Docebo Docebo 3.5 Beta
Docebo Docebo 3.0.3
Docebo Docebo 3.0.5
Docebo Docebo
2 EDB exploits
NA
CVE-2008-7154
Docebo 3.5.0.3 and previous versions allows remote malicious users to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class....
Docebo Docebo 3.5 Beta
Docebo Docebo
Docebo Docebo 3.0.3
Docebo Docebo 3.0.5
Docebo Docebo 3.0.4
1 EDB exploit
NA
CVE-2007-1240
Multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS 3.0.3 up to and including 3.0.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the searchkey parameter to index.php, or the (2) sn or (3) ri parameter to modules/htmlframechat/index.php...
Docebo Docebo 3.0.3
Docebo Docebo 3.0.4
Docebo Docebo 3.0.5
2 EDB exploits
NA
CVE-2006-6957
PHP remote file inclusion vulnerability in addons/mod_media/body.php in Docebo 3.0.3 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[where_framework] parameter. NOTE: this issue might be...
Docebo Docebo
NA
CVE-2006-6963
Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 3.0.3 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[where_lms] parameter to (1) class.module/class.definition.php and (2) modules/scorm/scorm_utils.php. NOTE: this issue may ove...
Docebo Docebo 3.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »