Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
claroline vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-1377
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote malicious users to execute arbitrary PHP code via unknown vectors.
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
7.5
CVSSv2
CVE-2005-1375
Multiple SQL injection vulnerabilities in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote malicious users to execute arbitrary SQL commands via (1) learningPath.php, (2) learningPathAdmin.php, (3) learnPath_details.php, (4) modules_p...
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
4 EDB exploits
6.8
CVSSv2
CVE-2006-2284
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php.
Claroline Claroline 1.7.4
Claroline Claroline 1.7.5
Dokeos Dokeos 1.6 Rc2
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.7.2
Dokeos Dokeos 1.5.5
Dokeos Dokeos 1.6.4
Claroline Claroline 1.5
Claroline Claroline 1.5.3
Dokeos Dokeos 1.4
Dokeos Dokeos 1.5
Claroline Claroline 1.5.4
Claroline Claroline 1.6
Claroline Claroline 1.6 Beta
Dokeos Dokeos 1.5.3
Dokeos Dokeos 1.5.4
1 EDB exploit
5.1
CVSSv2
CVE-2006-4844
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and previous versions, as used in Dokeos and possibly other products, allows remote malicious users to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
Claroline Claroline 1.5.3
Claroline Claroline 1.5.4
Claroline Claroline 1.7.3
Claroline Claroline 1.7.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4 P1
Claroline Claroline 1.2
Claroline Claroline 1.3
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.6
Claroline Claroline 1.6 Beta
Claroline Claroline 1.7.5
Claroline Claroline 1.7.6
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Claroline Claroline 1.7
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Claroline Claroline
Claroline Claroline 1.4
Claroline Claroline 1.5
1 EDB exploit
NA
CVE-2022-37159
Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload.
Claroline Claroline
1 Github repository
NA
CVE-2022-37160
Claroline 13.5.7 and prior allows an authenticated malicious user to elevate privileges via the arbitrary creation of a privileged user. By combining the XSS vulnerability present in several upload forms and a javascript request to the present API, it is possible to trigger the c...
Claroline Claroline
1 Github repository
NA
CVE-2022-37161
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload.
Claroline Claroline
1 Github repository
3.5
CVSSv2
CVE-2007-4717
Multiple cross-site scripting (XSS) vulnerabilities in Claroline prior to 1.8.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) dir parameter in admin/adminusers.php, the (2) action parameter in admin/advancedUserSearch.php, and the (3...
Claroline Claroline
3 EDB exploits
3.5
CVSSv2
CVE-2007-4741
Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Claroline prior to 1.8.6 allows remote authenticated administrators to inject arbitrary web script or HTML via the sort parameter. NOTE: the provenance of this information is unknown; the details are obtained sol...
Claroline Claroline
4.3
CVSSv2
CVE-2007-4742
Claroline prior to 1.8.6 allows remote authenticated administrators to obtain sensitive information via an invalid value in the sort parameter to admin/adminusers.php, which reveals the path in an error message in some circumstances, as demonstrated by a parameter value containin...
Claroline Claroline
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »