CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-1376

HIGH
7.5
CVSS Severity Score
EPSS Score0.1540%
EPSS Percentile27.32th
Published2005年5月3日
Last Modified2026年4月16日

Vulnerability Description

Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.

Affected Platforms (CPE)

📦
Claroline

Claroline

= 1.5.3
📦
Claroline

Claroline

= 1.6_beta
📦
Claroline

Claroline

= 1.6_rc1

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=111464607103407&w=2
🔗 http://secunia.com/advisories/15161
🔗 http://secunia.com/advisories/15725
🔗 http://securitytracker.com/id?1013822
🔗 http://www.claroline.net/news.php#85
🔗 http://www.securityfocus.com/bid/13407
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/20287
🔗 http://marc.info/?l=bugtraq&m=111464607103407&w=2

相關漏洞威脅

CVE-2008-082410.0

Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors.

CVE-2006-041110.0

claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote atta...

CVE-2005-13757.5

Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attac...

CVE-2005-13777.5

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow ...