Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-2002

Malware in sbrugna...

2.6CVSS6.2AI score0.01286EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-2000

Malware in sbrugna...

7.5CVSS6.4AI score0.01258EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-2004

Malware in sbrugna...

6.8CVSS6.4AI score0.0103EPSS
Exploits0References6
NVD
NVD
added 2009/06/08 7:30 p.m.13 views

CVE-2009-2009

Multiple cross-site scripting XSS vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 curdirpath parameter to main/document/slideshow.php and the 2 file parameter to main/exercice/testheaderpage.php...

4.3CVSS5.9AI score0.01067EPSS
Exploits0References5
Prion
Prion
added 2009/06/08 7:30 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 searchterm parameter to main/auth/courses.php; the 2 frmtitle and 3 frmcontent parameters in a new personal agenda item action; the 4...

2.6CVSS6AI score0.01286EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2009/06/08 7:30 p.m.13 views

CVE-2009-2006

Multiple cross-site scripting XSS vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 searchterm parameter to main/auth/courses.php; the 2 frmtitle and 3 frmcontent parameters in a new personal agenda item action; the 4...

2.6CVSS5.7AI score0.01286EPSS
Exploits0References8
Prion
Prion
added 2009/06/08 7:30 p.m.14 views

Directory traversal

Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to 1 read portions of arbitrary files via a .. dot dot and a ..\ dot dot backslash in the lang parameter to main/exercice/hotspotlangconversion.php and 2 read arbitrary files via a .. dot do...

5CVSS7.5AI score0.01929EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2009/06/08 7:30 p.m.14 views

CVE-2009-2005

Cross-site request forgery CSRF vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors...

6.8CVSS7.2AI score0.00656EPSS
Exploits1References5
NVD
NVD
added 2009/06/08 7:30 p.m.18 views

CVE-2009-2004

Multiple SQL injection vulnerabilities in main/mySpace/myStudents.php in Dokeos 1.8.5, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the 1 student and 2 course parameters, a different vector than CVE-2007-2902...

7.5CVSS8.4AI score0.01258EPSS
Exploits0References6
Prion
Prion
added 2009/06/08 7:30 p.m.18 views

Sql injection

Multiple SQL injection vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the 1 uInfo parameter to main/tracking/userLog.php and the 2 course parameter to main/mySpace/lptracking.php, a different vector than CVE-2009-2006.2...

6.8CVSS8.9AI score0.01286EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/06/08 7:0 p.m.26 views

CVE-2009-2005

Cross-site request forgery CSRF vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors...

7.2AI score0.00656EPSS
Exploits1References5
CVE
CVE
added 2009/06/08 7:0 p.m.37 views

CVE-2009-2007

CVE-2009-2007 corresponds to multiple directory traversal vulnerabilities in Dokeos 1.8.5 (and possibly earlier). The flaws allow remote attackers to read portions of arbitrary files through two parameters: lang in main/exercice/hotspot_lang_conversion.php (using .. or ..\ in the value) doc_url i...

5CVSS7.1AI score0.01929EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2009/06/08 7:0 p.m.44 views

CVE-2009-2004

CVE-2009-2004 / CVE-2007-2902 involve multiple SQL injection vulnerabilities in Dokeos. The CVE-2009-2004 entry describes SQLi in main/mySpace/myStudents.php affecting Dokeos 1.8.5 and possibly earlier, allowing remote attackers to execute arbitrary SQL commands via the (1) student and (2) course...

7.5CVSS8.6AI score0.01258EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2009/06/08 7:0 p.m.37 views

CVE-2009-2009

CVE-2009-2009 affects Dokeos 1.8.5 (and possibly earlier). The vulnerability involves multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via two parameters: (1) curdirpath in main/document/slideshow.php and (2) file in main/exerc...

4.3CVSS6AI score0.01067EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2009/06/08 7:0 p.m.48 views

CVE-2009-2006

CVE-2009-2006 : Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5 (and possibly earlier) allow remote attackers to inject arbitrary script/HTML via several parameters in main/auth/courses.php, main/mySpace/myStudents.php, and related actions. Vectors 2 and 3 may require a separa...

2.6CVSS5.8AI score0.01286EPSS
Exploits0References8Affected Software1
OpenVAS
OpenVAS
added 2009/04/23 12:0 a.m.32 views

Dokeos <= 1.8.5 'user_portal.php' Local File Include Vulnerability

Dokeos is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.5CVSS6.2AI score0.03327EPSS
Exploits0References2
Rows per page
Query Builder