Description
Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.
Remediation
References
Related Vulnerabilities
WebLogic Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2018-11040)
Next.js URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-37699)
Oracle Database Server CVE-2008-1817 Vulnerability (CVE-2008-1817)