Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokeos dokeos vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2009-2008
Multiple SQL injection vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the (1) uInfo parameter to main/tracking/userLog.php and the (2) course parameter to main/mySpace/lp_tracking.php, a different vector t...
Dokeos Dokeos 1.8.5
312
VMScore
CVE-2012-5776
Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php.
Dokeos Dokeos 2.1.1
770
VMScore
CVE-2008-0850
Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/...
Dokeos Dokeos 1.8.4
4 EDB exploits
231
VMScore
CVE-2009-2006
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) search_term parameter to main/auth/courses.php; the (2) frm_title and (3) frm_content parameters in a new per...
Dokeos Dokeos 1.8.5
383
VMScore
CVE-2009-2009
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) curdirpath parameter to main/document/slideshow.php and the (2) file parameter to main/exercice/testheaderpag...
Dokeos Dokeos 1.8.5
1 Github repository
495
VMScore
CVE-2007-6479
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, w...
Dokeos Dokeos 1.8.4
1 EDB exploit
383
VMScore
CVE-2014-1877
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Phone, (2) Street, (3) Address line, (4) Zip code, or (5) City field to main/auth/profile.php; (6) Subject field to main/social/grou...
Dokeos Project Dokeos 2.1.1
445
VMScore
CVE-2007-6574
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a display_upload_form action, or the forum parameter to (2) forum/viewfor...
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management 1.8
Dokeos Open Source Learning And Knowledge Management 1.8.4
Dokeos Open Source Learning And Knowledge Management Tool 1.8
Dokeos Open Source Learning And Knowledge Management Tool 1.8.4
3 EDB exploits
515
VMScore
CVE-2006-2285
PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote malicious users to execute arbitrary PHP code via a URL in the includePath parameter.
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
1 EDB exploit
755
VMScore
CVE-2007-2889
SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the scormcontopen parameter.
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4 P1
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »