Description

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors.

Remediation

References

CVE-2005-1377

Related Vulnerabilities

WordPress Plugin HTML5 AV Manager for WordPress 'custom.php' Arbitrary File Upload (0.2.7)

WordPress Plugin Related Posts Cross-Site Scripting (5.12.91)

Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745)

WordPress Plugin Podcast Importer SecondLine SQL Injection (1.3.7)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11876)

Severity

High

Classification

CVE-2005-1377

Tags

Missing Update Known Vulnerabilities