Claroline » Claroline : Security Vulnerabilities, CVEs, Published In 2006 (File inclusion) CVSS score >= 3
PHP remote file inclusion vulnerability in claroline/inc/lib/import.lib.php in Claroline 1.8.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter.
Max CVSS
7.5
EPSS Score
15.36%
Published
2006-10-12
Updated
2018-10-17
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
Max CVSS
5.1
EPSS Score
7.41%
Published
2006-09-19
Updated
2017-07-20
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php.
Max CVSS
5.1
EPSS Score
12.32%
Published
2006-06-06
Updated
2017-10-19
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php.
Max CVSS
6.8
EPSS Score
1.64%
Published
2006-05-10
Updated
2018-10-18
PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 and earlier allows remote attackers to execute arbitrary PHP code via the includePath parameter.
Max CVSS
7.5
EPSS Score
4.32%
Published
2006-04-03
Updated
2017-10-19
5 vulnerabilities found