Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 08/06/2009 Updated: 17/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) curdirpath parameter to main/document/slideshow.php and the (2) file parameter to main/exercice/testheaderpage.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dokeos dokeos 1.8.5

get_code_segment About Term project of Linux OS, 2021 fall @ NCU CSIE Target Add a system call to return some memory info of a process's code segment Note 1 asmlinkage 作用 __attribute__是C語言的gcc擴展，用來設置函數屬性、變數屬性和類型屬性等，可以幫助編譯器執行優化。 gccgnuorg/onlinedocs/gcc/x86-Function-Attributes

CWE-79 http://www.dokeos.com/wiki/index.php/Security#Dokeos_1.8 http://www.vupen.com/english/advisories/2009/1300 http://gsasec.blogspot.com/2009/05/dokeos-free-185-multiple.html http://www.securityfocus.com/bid/34928 https://exchange.xforce.ibmcloud.com/vulnerabilities/51140 https://nvd.nist.gov https://github.com/wst24365888/get_code_segment

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-2009

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect