Dokeos <= 1.8.4 main/calendar/myagenda.php courseCode Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...

CVE-2008-0851

CVE-2008-0851 affects Dokeos 1.8.4 with multiple cross-site scripting (XSS) vulnerabilities. Remote attackers can inject arbitrary web script/HTML via (1) username in inscription.php, (2) courseCode in main/calendar/myagenda.php, (3) category in main/admin/course_category.php, (4) message in main...