Description

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors.

Remediation

References

CVE-2005-1377

Related Vulnerabilities

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)

WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.5.2)

PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0067)

PostgreSQL Improper Certificate Validation Vulnerability (CVE-2012-0867)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8128)

Severity

High

Classification

CVE-2005-1377

Tags

Missing Update Known Vulnerabilities