Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Dokeos Subscribe
Filtered by product Open Source Learning And Knowledge Management Tool
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-2285 1 Dokeos 1 Open Source Learning And Knowledge Management Tool 2018-10-18 5.1 MEDIUM N/A
PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter.
CVE-2007-6574 1 Dokeos 2 Open Source Learning And Knowledge Management, Open Source Learning And Knowledge Management Tool 2018-10-15 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a display_upload_form action, or the forum parameter to (2) forum/viewforum.php or (3) forum/viewthread.php.
CVE-2007-2889 1 Dokeos 1 Open Source Learning And Knowledge Management Tool 2017-10-10 7.5 HIGH N/A
SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the scormcontopen parameter.
CVE-2008-1222 1 Dokeos 1 Open Source Learning And Knowledge Management Tool 2017-08-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Dokeos 1.8.4 before SP3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1223 1 Dokeos 1 Open Source Learning And Knowledge Management Tool 2017-08-07 7.5 HIGH N/A
Unspecified vulnerability in Dokeos 1.8.4 before SP3 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2006-4844 2 Claroline, Dokeos 2 Claroline, Open Source Learning And Knowledge Management Tool 2017-07-19 5.1 MEDIUM N/A
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.