Dokeos: >> Open Source Learning And Knowledge Management Tool >> 1.6.4_p1 Security Vulnerabilities
SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the scormcontopen parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2007-05-30
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
CVSS Score
5.1
EPSS Score
0.079
Published
2006-09-19