Description

Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.

Remediation

References

CVE-2005-1376

Related Vulnerabilities

WebLogic Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2018-11040)

Next.js URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-37699)

Oracle Database Server CVE-2008-1817 Vulnerability (CVE-2008-1817)

MySQL CVE-2012-0572 Vulnerability (CVE-2012-0572)

WebLogic CVE-2019-2827 Vulnerability (CVE-2019-2827)

Severity

High

Classification

CVE-2005-1376

Tags

Missing Update Known Vulnerabilities