Docebolms: >> Docebolms >> 2.0.4 Security Vulnerabilities
connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to execute arbitrary PHP by using the FileUpload command to upload a file that appears to be an image but contains PHP script.
CVSS Score
7.5
EPSS Score
0.015
Published
2005-12-08
Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.
CVSS Score
5.0
EPSS Score
0.113
Published
2005-12-08