Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokeos dokeos vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-2008
Multiple SQL injection vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the (1) uInfo parameter to main/tracking/userLog.php and the (2) course parameter to main/mySpace/lp_tracking.php, a different vector t...
Dokeos Dokeos 1.8.5
4.9
CVSSv2
CVE-2007-6479
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, w...
Dokeos Dokeos 1.8.4
1 EDB exploit
6.8
CVSSv2
CVE-2009-2005
Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote malicious users to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.
Dokeos Dokeos 1.8.5
2.6
CVSSv2
CVE-2009-2006
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) search_term parameter to main/auth/courses.php; the (2) frm_title and (3) frm_content parameters in a new per...
Dokeos Dokeos 1.8.5
4.3
CVSSv2
CVE-2009-2009
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) curdirpath parameter to main/document/slideshow.php and the (2) file parameter to main/exercice/testheaderpag...
Dokeos Dokeos 1.8.5
1 Github repository
3.5
CVSSv2
CVE-2012-5776
Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php.
Dokeos Dokeos 2.1.1
4.3
CVSSv2
CVE-2014-1877
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Phone, (2) Street, (3) Address line, (4) Zip code, or (5) City field to main/auth/profile.php; (6) Subject field to main/social/grou...
Dokeos Project Dokeos 2.1.1
4.3
CVSSv2
CVE-2007-6574
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a display_upload_form action, or the forum parameter to (2) forum/viewfor...
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management 1.8
Dokeos Open Source Learning And Knowledge Management 1.8.4
Dokeos Open Source Learning And Knowledge Management Tool 1.8
Dokeos Open Source Learning And Knowledge Management Tool 1.8.4
3 EDB exploits
5.1
CVSSv2
CVE-2006-2285
PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote malicious users to execute arbitrary PHP code via a URL in the includePath parameter.
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
1 EDB exploit
7.5
CVSSv2
CVE-2007-2889
SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the scormcontopen parameter.
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4 P1
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »