Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docebo docebo 3.0.3 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-7153
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitr...
Docebo Docebo 3.0.4
Docebo Docebo 3.5 Beta
Docebo Docebo 3.0.3
Docebo Docebo 3.0.5
Docebo Docebo
2 EDB exploits
7.5
CVSSv2
CVE-2006-6963
Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 3.0.3 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[where_lms] parameter to (1) class.module/class.definition.php and (2) modules/scorm/scorm_utils.php. NOTE: this issue may ove...
Docebo Docebo 3.0.3
6.8
CVSSv2
CVE-2006-6957
PHP remote file inclusion vulnerability in addons/mod_media/body.php in Docebo 3.0.3 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[where_framework] parameter. NOTE: this issue might be...
Docebo Docebo
5.1
CVSSv2
CVE-2006-3107
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) admin/modules/news/news_class.php and (b) admin/...
Docebo Docebo
5.1
CVSSv2
CVE-2006-2576
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) lib.simplesel.php, (b) lib.filelist.php, (c) tre...
Docebo Docebo
1 EDB exploit
5.1
CVSSv2
CVE-2006-2577
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in (1) where_cms, (2) where_lms, (3) where_upgrade, (4) BBC_LIB_PATH, and (5) BBC_LANGU...
Docebo Docebo
1 EDB exploit
5
CVSSv2
CVE-2008-7154
Docebo 3.5.0.3 and previous versions allows remote malicious users to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class....
Docebo Docebo 3.5 Beta
Docebo Docebo
Docebo Docebo 3.0.3
Docebo Docebo 3.0.5
Docebo Docebo 3.0.4
1 EDB exploit
4.3
CVSSv2
CVE-2007-1240
Multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS 3.0.3 up to and including 3.0.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the searchkey parameter to index.php, or the (2) sn or (3) ri parameter to modules/htmlframechat/index.php...
Docebo Docebo 3.0.3
Docebo Docebo 3.0.4
Docebo Docebo 3.0.5
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started