Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-0857

Malware in sbrugna...

7.5CVSS6.4AI score0.02383EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-0858

Malware in sbrugna...

4.3CVSS6.4AI score0.03964EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2007-6540

Malware in sbrugna...

4.3CVSS6.4AI score0.01765EPSS
Exploits1References7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Dokeos 1.x forum/viewforum.php forum Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/26992/info Dokeos is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Dokeos <= 1.8.4 main/admin/session_list.php cmessage Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2008/03/10 5:0 p.m.16 views

CVE-2008-1222

Cross-site scripting XSS vulnerability in Dokeos 1.8.4 before SP3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01223EPSS
Exploits0References6
CVE
CVE
added 2008/03/10 5:0 p.m.49 views

CVE-2008-1222

CVE-2008-1222 is an XSS in Dokeos 1.8.4 before SP3. Remote attackers can inject arbitrary script/HTML via unspecified vectors. The connected sources confirm the affected product and vulnerability type; no detailed root cause, exact vectors, or patch specifics are provided in the documents. No exp...

4.3CVSS5.7AI score0.01223EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2008/02/21 12:44 a.m.18 views

CVE-2008-0851

Multiple cross-site scripting XSS vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to inscription.php, 2 courseCode parameter to main/calendar/myagenda.php, 3 category parameter to main/admin/coursecategory.php, 4 message...

4.3CVSS5.8AI score0.03964EPSS
Exploits1References7
Prion
Prion
added 2008/02/21 12:44 a.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to whoisonline.php, 2 trackinglistcoachescolumn parameter to main/mySpace/index.php, 3 tutorname parameter to main/createcourse/addcourse.php, the 4 Referer HTTP...

7.5CVSS9.2AI score0.02383EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2008/02/21 12:44 a.m.12 views

CVE-2008-0850

Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to whoisonline.php, 2 trackinglistcoachescolumn parameter to main/mySpace/index.php, 3 tutorname parameter to main/createcourse/addcourse.php, the 4 Referer HTTP...

7.5CVSS8.5AI score0.02383EPSS
Exploits0References7
Prion
Prion
added 2008/02/21 12:44 a.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to inscription.php, 2 courseCode parameter to main/calendar/myagenda.php, 3 category parameter to main/admin/coursecategory.php, 4 message...

4.3CVSS6.1AI score0.03964EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2008/02/21 12:0 a.m.19 views

CVE-2008-0851

Multiple cross-site scripting XSS vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to inscription.php, 2 courseCode parameter to main/calendar/myagenda.php, 3 category parameter to main/admin/coursecategory.php, 4 message...

5.8AI score0.03964EPSS
Exploits1References7
Cvelist
Cvelist
added 2008/02/21 12:0 a.m.16 views

CVE-2008-0850

Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to whoisonline.php, 2 trackinglistcoachescolumn parameter to main/mySpace/index.php, 3 tutorname parameter to main/createcourse/addcourse.php, the 4 Referer HTTP...

8.5AI score0.02383EPSS
Exploits0References7
CVE
CVE
added 2008/02/21 12:0 a.m.48 views

CVE-2008-0851

CVE-2008-0851 affects Dokeos 1.8.4 with multiple cross-site scripting (XSS) vulnerabilities. Remote attackers can inject arbitrary web script/HTML via (1) username in inscription.php, (2) courseCode in main/calendar/myagenda.php, (3) category in main/admin/course_category.php, (4) message in main...

4.3CVSS5.8AI score0.03964EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2008/02/21 12:0 a.m.55 views

CVE-2008-0850

CVE-2008-0850 concerns Dokeos 1.8.4 with multiple SQL injection vulnerabilities. The affected components include: (1) id parameter in whoisonline.php, (2) tracking_list_coaches_column parameter in main/mySpace/index.php, (3) tutor_name parameter in main/create_course/add_course.php, (4) Referer H...

7.5CVSS8.5AI score0.02383EPSS
Exploits0References7Affected Software1
Exploit DB
Exploit DB
added 2008/02/15 12:0 a.m.23 views

Dokeos 1.8.4 - &#039;/main/mySpace/index.php?tracking_list_coaches_column&#039; SQL Injection

source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can exploit these issues to execute...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/15 12:0 a.m.20 views

Dokeos 1.8.4 - &#039;/main/calendar/myagenda.php?courseCode&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can exploit these issues to execute...

7.4AI score
Exploits0
Prion
Prion
added 2007/12/28 9:46 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Dokeos 1.8.4 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the origin parameter to work/work.php in a displayuploadform action, or the forum parameter to 2 forum/viewforum.php or 3 forum/viewthread.php...

4.3CVSS6.1AI score0.01765EPSS
Exploits1References6Affected Software2
exploitpack
exploitpack
added 2007/12/22 12:0 a.m.18 views

Dokeos 1.x - forumviewthread.php?forum Cross-Site Scripting

Dokeos 1.x - forumviewthread.php?forum Cross-Site Scripting source: https://www.securityfocus.com/bid/26992/info Dokeos is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

6.8AI score
Exploits0
NVD
NVD
added 2007/12/20 8:46 p.m.12 views

CVE-2007-6479

Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php aka the "My profile" page in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, which can then be accessed through a URI...

4.9CVSS7AI score0.01572EPSS
Exploits0References4
Rows per page
Query Builder