CVE-2007-2889
CVE-2007-2889 corresponds to an SQL injection in tracking/courseLog.php of Dokeos (versions 1.6.5 and earlier). The underlying issue is that the scormcontopen parameter is unsafely used in SQL queries, enabling remote attackers to execute arbitrary SQL commands. Affected software: Dokeos 1.6.5 an...