Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokeos dokeos vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2009-2009
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) curdirpath parameter to main/document/slideshow.php and the (2) file parameter to main/exercice/testheaderpag...
Dokeos Dokeos 1.8.5
1 Github repository
668
VMScore
CVE-2009-2004
Multiple SQL injection vulnerabilities in main/mySpace/myStudents.php in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the (1) student and (2) course parameters, a different vector than CVE-2007-2902.
Dokeos Dokeos 1.8.5
445
VMScore
CVE-2009-2007
Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to (1) read portions of arbitrary files via a .. (dot dot) and a ..\ (dot dot backslash) in the lang parameter to main/exercice/hotspot_lang_conversion.php and (2) rea...
Dokeos Dokeos 1.8.5
605
VMScore
CVE-2009-2008
Multiple SQL injection vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the (1) uInfo parameter to main/tracking/userLog.php and the (2) course parameter to main/mySpace/lp_tracking.php, a different vector t...
Dokeos Dokeos 1.8.5
312
VMScore
CVE-2012-5776
Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php.
Dokeos Dokeos 2.1.1
770
VMScore
CVE-2008-0850
Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/...
Dokeos Dokeos 1.8.4
4 EDB exploits
383
VMScore
CVE-2014-1877
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Phone, (2) Street, (3) Address line, (4) Zip code, or (5) City field to main/auth/profile.php; (6) Subject field to main/social/grou...
Dokeos Project Dokeos 2.1.1
445
VMScore
CVE-2007-6574
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a display_upload_form action, or the forum parameter to (2) forum/viewfor...
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management 1.8
Dokeos Open Source Learning And Knowledge Management 1.8.4
Dokeos Open Source Learning And Knowledge Management Tool 1.8
Dokeos Open Source Learning And Knowledge Management Tool 1.8.4
3 EDB exploits
515
VMScore
CVE-2006-2285
PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote malicious users to execute arbitrary PHP code via a URL in the includePath parameter.
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
1 EDB exploit
755
VMScore
CVE-2007-2889
SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the scormcontopen parameter.
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4 P1
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »