Dokeos CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Dokeos Subscriptions

Search

Switch to Advanced Search (Beta)

Total 24 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2006-3924	1 Dokeos	1 Dokeos	2025-04-03	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-2286	1 Dokeos	2 Dokeos, Dokeos Community Release	2025-04-03	N/A
Multiple PHP remote file inclusion vulnerabilities in claro_init_global.inc.php in Dokeos 1.6.3 and earlier, and Dokeos community release 2.0.3, allow remote attackers to execute arbitrary PHP code via a URL in the (1) rootSys and (2) clarolineRepositorySys parameters, and possibly the (3) lang_path, (4) extAuthSource, (5) thisAuthSource, (6) main_configuration_file_path, (7) phpDigIncCn, and (8) drs parameters to (a) testheaderpage.php and (b) resourcelinker.inc.php.
CVE-2006-4844	2 Claroline, Dokeos	2 Claroline, Open Source Learning And Knowledge Management Tool	2025-04-03	N/A
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
CVE-2012-5776	1 Dokeos	1 Dokeos	2024-11-21	5.4 Medium
Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php.

« first previous Page 2 of 2.