Dokeos : Security Vulnerabilities, CVEs, Published In 2006 (File inclusion) CVSS score >= 3
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
Max CVSS
5.1
EPSS Score
7.41%
Published
2006-09-19
Updated
2017-07-20
Multiple PHP remote file inclusion vulnerabilities in claro_init_global.inc.php in Dokeos 1.6.3 and earlier, and Dokeos community release 2.0.3, allow remote attackers to execute arbitrary PHP code via a URL in the (1) rootSys and (2) clarolineRepositorySys parameters, and possibly the (3) lang_path, (4) extAuthSource, (5) thisAuthSource, (6) main_configuration_file_path, (7) phpDigIncCn, and (8) drs parameters to (a) testheaderpage.php and (b) resourcelinker.inc.php.
Max CVSS
6.8
EPSS Score
2.05%
Published
2006-05-10
Updated
2017-07-20
PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter.
Max CVSS
5.1
EPSS Score
8.77%
Published
2006-05-10
Updated
2018-10-18
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php.
Max CVSS
6.8
EPSS Score
1.64%
Published
2006-05-10
Updated
2018-10-18
4 vulnerabilities found