Docebo Docebolms vulnerabilities
2 known vulnerabilities affecting docebo/docebolms.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2011-5135P3MEDIUMCVSS 6.0PoC≤ 4.0.4v2.0.4+2 more2012-08-30
CVE-2011-5135 [MEDIUM] CWE-89 CVE-2011-5135: Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the
Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher privileges to execute arbitrary SQL commands via the (1) coursereportuiconfig[name] or (2) coursereportuiconfig[description] parameters to index.php.
nvd
CVE-2011-3726P4MEDIUMCVSS 5.0v4.0.42011-09-23
CVE-2011-3726 [MEDIUM] CWE-200 CVE-2011-3726: DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .p
DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php and certain other files.
nvd