WEB APPLICATION VULNERABILITIES Standard & Premium

Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)

Description

Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload.

Remediation

References

Related Vulnerabilities

Drupal CVE-2017-6925 Vulnerability (CVE-2017-6925)

Oracle Database Server CVE-2024-21184 Vulnerability (CVE-2024-21184)

WordPress Plugin Awesome Filterable Portfolio Multiple SQL Injection Vulnerabilities (1.8.6)

Moodle CVE-2011-4301 Vulnerability (CVE-2011-4301)

Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30179)

Severity

Critical

Classification

CVE-2022-37159 CWE-434 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities