Description

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors.

Remediation

References

CVE-2005-1377

Related Vulnerabilities

PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0063)

Squid Resource Management Errors Vulnerability (CVE-2011-4096)

Oracle JRE CVE-2019-2989 Vulnerability (CVE-2019-2989)

WordPress Plugin RSS Feed Reader 'rss_url' Parameter Cross-Site Scripting (0.1)

Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42111)

Severity

High

Classification

CVE-2005-1377

Tags

Missing Update Known Vulnerabilities