Dokeos Multiple SQL Injection, HTML Injection, Cross-Site Scripting, and File Upload Vulnerabilities

info
discussion
exploit
solution
references

Dokeos Multiple SQL Injection, HTML Injection, Cross-Site Scripting, and File Upload Vulnerabilities

Attackers can exploit these issues via a web browser. To exploit a cross-site scripting issue, an attacker must entice an unsuspecting user to follow a malicious URI.

The following proof-of-concept information is available:

/data/vulnerabilities/exploits/27792.txt