Description

Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.

Remediation

References

CVE-2005-1376

Related Vulnerabilities

XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-45135)

Oracle Database Server CVE-2007-2109 Vulnerability (CVE-2007-2109)

Oracle Application Server Other Vulnerability (CVE-2002-1858)

Moodle Improper Privilege Management Vulnerability (CVE-2023-5549)

Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7330)

Severity

High

Classification

CVE-2005-1376

Tags

Missing Update Known Vulnerabilities