Dokeos E-Learning System vulnerabilities
2 known vulnerabilities affecting dokeos/e-learning_system.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-3363P3HIGHCVSS 7.5PoCv1.8.52008-07-30
CVE-2008-3363 [HIGH] CWE-22 CVE-2008-3363: Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Window
Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter.
nvd
CVE-2008-0851P4MEDIUMCVSS 4.3PoCv1.8.42008-02-21
CVE-2008-0851 [MEDIUM] CWE-79 CVE-2008-0851: Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to inscription.php, (2) courseCode parameter to main/calendar/myagenda.php, (3) category parameter to main/admin/course_category.php, (4) message parameter to main/admin/session_list.php in a s
nvd