Description

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors.

Remediation

References

CVE-2005-1377

Related Vulnerabilities

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (1.3.28)

WeBid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3815)

WordPress Plugin BP GTM System Cross-Site Scripting (1.9.5)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-2035)

WordPress Plugin Booster Elite for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)

Severity

High

Classification

CVE-2005-1377

Tags

Missing Update Known Vulnerabilities