Description

Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.

Remediation

References

CVE-2005-1376

Related Vulnerabilities

WordPress Plugin Donation with Goals and Paypal IPN by NonprofitCMS.org 'exporttocsv.php' SQL Injection (1.0)

Oracle Application Server Other Vulnerability (CVE-2002-0386)

WordPress Plugin Shibboleth Cross-Site Scripting (1.7)

MySQL CVE-2019-2797 Vulnerability (CVE-2019-2797)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-27233)

Severity

High

Classification

CVE-2005-1376

Tags

Missing Update Known Vulnerabilities