Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
claroline vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-1376
Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
7.5
CVSSv2
CVE-2005-1377
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote malicious users to execute arbitrary PHP code via unknown vectors.
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
6.8
CVSSv2
CVE-2006-2284
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php.
Claroline Claroline 1.7.4
Claroline Claroline 1.7.5
Dokeos Dokeos 1.6 Rc2
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.7.2
Dokeos Dokeos 1.5.5
Dokeos Dokeos 1.6.4
Claroline Claroline 1.5
Claroline Claroline 1.5.3
Dokeos Dokeos 1.4
Dokeos Dokeos 1.5
Claroline Claroline 1.5.4
Claroline Claroline 1.6
Claroline Claroline 1.6 Beta
Dokeos Dokeos 1.5.3
Dokeos Dokeos 1.5.4
1 EDB exploit
5.1
CVSSv2
CVE-2006-4844
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and previous versions, as used in Dokeos and possibly other products, allows remote malicious users to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
Claroline Claroline 1.5.3
Claroline Claroline 1.5.4
Claroline Claroline 1.7.3
Claroline Claroline 1.7.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4 P1
Claroline Claroline 1.2
Claroline Claroline 1.3
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.6
Claroline Claroline 1.6 Beta
Claroline Claroline 1.7.5
Claroline Claroline 1.7.6
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Claroline Claroline 1.7
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Claroline Claroline
Claroline Claroline 1.4
Claroline Claroline 1.5
1 EDB exploit
4.3
CVSSv2
CVE-2007-4742
Claroline prior to 1.8.6 allows remote authenticated administrators to obtain sensitive information via an invalid value in the sort parameter to admin/adminusers.php, which reveals the path in an error message in some circumstances, as demonstrated by a parameter value containin...
Claroline Claroline
3.5
CVSSv2
CVE-2013-4753
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11.9 and previous versions allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field in an inbox action to messaging/messagebox.php, (2) the "First name" field to a...
Claroline Claroline
NA
CVE-2022-37159
Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload.
Claroline Claroline
1 Github repository
NA
CVE-2022-37161
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload.
Claroline Claroline
1 Github repository
3.5
CVSSv2
CVE-2007-4717
Multiple cross-site scripting (XSS) vulnerabilities in Claroline prior to 1.8.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) dir parameter in admin/adminusers.php, the (2) action parameter in admin/advancedUserSearch.php, and the (3...
Claroline Claroline
3 EDB exploits
5.1
CVSSv2
CVE-2007-4718
Directory traversal vulnerability in inc/lib/language.lib.php in Claroline prior to 1.8.6 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Claroline Claroline
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »