CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4844

PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.079

EPSS Ranking 91.6%

CVSS Severity

CVSS v2 Score 5.1

References

Products affected by CVE-2006-4844

Claroline » Claroline » Version: Any

cpe:2.3:a:claroline:claroline:*
Claroline » Claroline » Version: 1.2

cpe:2.3:a:claroline:claroline:1.2
Claroline » Claroline » Version: 1.3

cpe:2.3:a:claroline:claroline:1.3
Claroline » Claroline » Version: 1.4

cpe:2.3:a:claroline:claroline:1.4
Claroline » Claroline » Version: 1.5

cpe:2.3:a:claroline:claroline:1.5
Claroline » Claroline » Version: 1.5.3

cpe:2.3:a:claroline:claroline:1.5.3
Claroline » Claroline » Version: 1.5.4

cpe:2.3:a:claroline:claroline:1.5.4
Claroline » Claroline » Version: 1.6

cpe:2.3:a:claroline:claroline:1.6
Claroline » Claroline » Version: 1.6_beta

cpe:2.3:a:claroline:claroline:1.6_beta
Claroline » Claroline » Version: 1.6_rc1

cpe:2.3:a:claroline:claroline:1.6_rc1
Claroline » Claroline » Version: 1.7

cpe:2.3:a:claroline:claroline:1.7
Claroline » Claroline » Version: 1.7.1

cpe:2.3:a:claroline:claroline:1.7.1
Claroline » Claroline » Version: 1.7.2

cpe:2.3:a:claroline:claroline:1.7.2
Claroline » Claroline » Version: 1.7.3

cpe:2.3:a:claroline:claroline:1.7.3
Claroline » Claroline » Version: 1.7.4

cpe:2.3:a:claroline:claroline:1.7.4
Claroline » Claroline » Version: 1.7.5

cpe:2.3:a:claroline:claroline:1.7.5
Claroline » Claroline » Version: 1.7.6

cpe:2.3:a:claroline:claroline:1.7.6
Dokeos » Open Source Learning And Knowledge Management Tool » Version: 1.4

cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.4
Dokeos » Open Source Learning And Knowledge Management Tool » Version: 1.5

cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.5
Dokeos » Open Source Learning And Knowledge Management Tool » Version: 1.5.3

cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.5.3
Dokeos » Open Source Learning And Knowledge Management Tool » Version: 1.5.4

cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.5.4
Dokeos » Open Source Learning And Knowledge Management Tool » Version: 1.5.5

cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.5.5
Dokeos » Open Source Learning And Knowledge Management Tool » Version: 1.6.4

cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.6.4
Dokeos » Open Source Learning And Knowledge Management Tool » Version: 1.6.4_p1

cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.6.4_p1
Dokeos » Open Source Learning And Knowledge Management Tool » Version: 1.6.5

cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.6.5
Dokeos » Open Source Learning And Knowledge Management Tool » Version: 1.6_rc2

cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.6_rc2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4844

Products

Pricing

Contact Us