Dokeos Multiple SQL Injection, HTML Injection, Cross-Site Scripting, and File Upload Vulnerabilities

Bugtraq ID: 27792
Class: Input Validation Error
CVE: CVE-2008-0850
Remote: Yes
Local: No
Published: Feb 15 2008 12:00AM
Updated: May 07 2015 05:32PM
Credit: Alexandr Polyakov and Stas Svistunovich of Digital Security Research Group are credited with the discovery of these issues.
Vulnerable: Dokeos Open Source Learning & Knowledge Management Tool 1.8.4
Dokeos Open Source Learning & Knowledge Management Tool 1.8
Dokeos Open Source Learning & Knowledge Management Tool 1.6.5
Dokeos Open Source Learning & Knowledge Management Tool 1.6.4
Dokeos Open Source Learning & Knowledge Management Tool 1.6 RC2
Dokeos Open Source Learning & Knowledge Management Tool 1.5.5
Dokeos Open Source Learning & Knowledge Management Tool 1.5.4
Dokeos Open Source Learning & Knowledge Management Tool 1.5.3
Dokeos Open Source Learning & Knowledge Management Tool 1.5
Dokeos Open Source Learning & Knowledge Management Tool 1.4
Dokeos Open Source Learning & Knowledge Management Tool 1.6.4 (P1)
Dokeos Open Source Learning & Knowledge Management 1.8.4
Dokeos Open Source Learning & Knowledge Management 1.8
Not Vulnerable: Dokeos Open Source Learning & Knowledge Management Tool 1.8.4 SP2


 

Privacy Statement
Copyright 2010, SecurityFocus