Dokeos 'whoisonline.php' Remote Code Execution Vulnerability Network Vulnerability

Summary

Dokeos is prone to a remote code-execution vulnerability because the software fails to adequately sanitize user-supplied input. Exploiting this issue could allow an attacker to execute arbitrary code in the context of the vulnerable application. Dokeos prior to version 1.8.5 are vulnerable.

References

http://www.securityfocus.com/bid/34633

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
Atutor AContent Multiple SQL Injection and XSS Vulnerabilities
Alchemy Eye HTTP Command Execution
Avenger's News System Command Execution

Take action and discover your vulnerabilities