Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dokeos vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-2007
Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to (1) read portions of arbitrary files via a .. (dot dot) and a ..\ (dot dot backslash) in the lang parameter to main/exercice/hotspot_lang_conversion.php and (2) rea...
Dokeos Dokeos 1.8.5
4.3
CVSSv2
CVE-2009-2009
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) curdirpath parameter to main/document/slideshow.php and the (2) file parameter to main/exercice/testheaderpag...
Dokeos Dokeos 1.8.5
1 Github repository
4.9
CVSSv2
CVE-2007-6479
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, w...
Dokeos Dokeos 1.8.4
1 EDB exploit
2.6
CVSSv2
CVE-2009-2006
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) search_term parameter to main/auth/courses.php; the (2) frm_title and (3) frm_content parameters in a new per...
Dokeos Dokeos 1.8.5
3.5
CVSSv2
CVE-2012-5776
Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php.
Dokeos Dokeos 2.1.1
7.5
CVSSv2
CVE-2008-0850
Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/...
Dokeos Dokeos 1.8.4
4 EDB exploits
4.3
CVSSv2
CVE-2014-1877
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Phone, (2) Street, (3) Address line, (4) Zip code, or (5) City field to main/auth/profile.php; (6) Subject field to main/social/grou...
Dokeos Project Dokeos 2.1.1
4.3
CVSSv2
CVE-2007-6574
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a display_upload_form action, or the forum parameter to (2) forum/viewfor...
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management 1.8
Dokeos Open Source Learning And Knowledge Management 1.8.4
Dokeos Open Source Learning And Knowledge Management Tool 1.8
Dokeos Open Source Learning And Knowledge Management Tool 1.8.4
3 EDB exploits
5.1
CVSSv2
CVE-2006-2285
PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote malicious users to execute arbitrary PHP code via a URL in the includePath parameter.
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
1 EDB exploit
7.5
CVSSv2
CVE-2007-2889
SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the scormcontopen parameter.
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4 P1
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6 Rc2
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »