Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
claroline vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-1376
Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
7.5
CVSSv2
CVE-2005-1375
Multiple SQL injection vulnerabilities in Claroline 1.5.3 up to and including 1.6 Release Candidate 1, and possibly Dokeos, allow remote malicious users to execute arbitrary SQL commands via (1) learningPath.php, (2) learningPathAdmin.php, (3) learnPath_details.php, (4) modules_p...
Claroline Claroline 1.5.3
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
4 EDB exploits
6.8
CVSSv2
CVE-2006-2284
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php.
Claroline Claroline 1.7.4
Claroline Claroline 1.7.5
Dokeos Dokeos 1.6 Rc2
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.7.2
Dokeos Dokeos 1.5.5
Dokeos Dokeos 1.6.4
Claroline Claroline 1.5
Claroline Claroline 1.5.3
Dokeos Dokeos 1.4
Dokeos Dokeos 1.5
Claroline Claroline 1.5.4
Claroline Claroline 1.6
Claroline Claroline 1.6 Beta
Dokeos Dokeos 1.5.3
Dokeos Dokeos 1.5.4
1 EDB exploit
5.1
CVSSv2
CVE-2006-4844
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and previous versions, as used in Dokeos and possibly other products, allows remote malicious users to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
Claroline Claroline 1.5.3
Claroline Claroline 1.5.4
Claroline Claroline 1.7.3
Claroline Claroline 1.7.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4 P1
Claroline Claroline 1.2
Claroline Claroline 1.3
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.6
Claroline Claroline 1.6 Beta
Claroline Claroline 1.7.5
Claroline Claroline 1.7.6
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Claroline Claroline 1.7
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Claroline Claroline
Claroline Claroline 1.4
Claroline Claroline 1.5
1 EDB exploit
3.5
CVSSv2
CVE-2007-4717
Multiple cross-site scripting (XSS) vulnerabilities in Claroline prior to 1.8.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) dir parameter in admin/adminusers.php, the (2) action parameter in admin/advancedUserSearch.php, and the (3...
Claroline Claroline
3 EDB exploits
5.1
CVSSv2
CVE-2007-4718
Directory traversal vulnerability in inc/lib/language.lib.php in Claroline prior to 1.8.6 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Claroline Claroline
1 EDB exploit
3.5
CVSSv2
CVE-2007-4741
Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Claroline prior to 1.8.6 allows remote authenticated administrators to inject arbitrary web script or HTML via the sort parameter. NOTE: the provenance of this information is unknown; the details are obtained sol...
Claroline Claroline
4.3
CVSSv2
CVE-2007-4742
Claroline prior to 1.8.6 allows remote authenticated administrators to obtain sensitive information via an invalid value in the sort parameter to admin/adminusers.php, which reveals the path in an error message in some circumstances, as demonstrated by a parameter value containin...
Claroline Claroline
NA
CVE-2022-37159
Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload.
Claroline Claroline
1 Github repository
NA
CVE-2022-37162
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS). An attacker can obtain javascript code execution by adding arbitrary javascript code in the 'Location' field of a calendar event.
Claroline Claroline
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »