CVE-2017-20274

CVE-2017-20274 affects Joomla LMS King Professional 3.2.4.0. It enables unauthenticated SQL injection via the cp_id parameter in index.php when using option=com_lmsking, view=lmsking, layout=learningpath, and task=learningPath, allowing manipulation of queries and extraction of sensitive database...

CVE-2008-3315

CVE-2008-3315 refers to multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10, exploitable via the query string on numerous files (e.g., announcements/messages.php, lostPassword.php, profile.php in auth/; calendar/myagenda.php; group/group.php; learningPath.; tracking/ ; user/*;...