Summary
Dokeos is prone to a remote code-execution vulnerability because the software fails to adequately sanitize user-supplied input.
Exploiting this issue could allow an attacker to execute arbitrary code in the context of the vulnerable application.
Dokeos prior to version 1.8.5 are vulnerable.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability
- Adobe ColdFusion Information Disclosure Vulnerability
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- Artmedic Kleinanzeigen File Inclusion Vulnerability
- ActivDesk Multiple Cross Site Scripting and SQL Injection Vulnerabilities