Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
claroline claroline vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2006-0411
claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote malicious users to hijack sessions and possibly gain administrative privileges.
Claroline Claroline 1.7.2
5
CVSSv2
CVE-2005-2598
Multiple directory traversal vulnerabilities in Dokeos 1.6 and previous versions, and possibly Claroline, allow remote malicious users to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary files via the move...
Dokeos Dokeos
6.8
CVSSv2
CVE-2005-1374
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote malicious users to inject arbitrary web script or HTML via (1) exercise_result.php, (2) exercice_submit.php, (3) agenda.php, (4) l...
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
3 EDB exploits
7.5
CVSSv2
CVE-2005-1375
Multiple SQL injection vulnerabilities in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote malicious users to execute arbitrary SQL commands via (1) learningPath.php, (2) learningPathAdmin.php, (3) learnPath_details.php, (4) modules_p...
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
4 EDB exploits
7.5
CVSSv2
CVE-2005-1376
Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
7.5
CVSSv2
CVE-2005-1377
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote malicious users to execute arbitrary PHP code via unknown vectors.
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4