CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
94.6%
PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter.
Vendor | Product | Version | CPE |
---|---|---|---|
dokeos | open_source_learning_and_knowledge_management_tool | 1.4 | cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.4:*:*:*:*:*:*:* |
dokeos | open_source_learning_and_knowledge_management_tool | 1.5 | cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.5:*:*:*:*:*:*:* |
dokeos | open_source_learning_and_knowledge_management_tool | 1.5.3 | cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.5.3:*:*:*:*:*:*:* |
dokeos | open_source_learning_and_knowledge_management_tool | 1.5.4 | cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.5.4:*:*:*:*:*:*:* |
dokeos | open_source_learning_and_knowledge_management_tool | 1.5.5 | cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.5.5:*:*:*:*:*:*:* |
dokeos | open_source_learning_and_knowledge_management_tool | 1.6.4 | cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.6.4:*:*:*:*:*:*:* |
dokeos | open_source_learning_and_knowledge_management_tool | 1.6_rc2 | cpe:2.3:a:dokeos:open_source_learning_and_knowledge_management_tool:1.6_rc2:*:*:*:*:*:*:* |
secunia.com/advisories/19980
securityreason.com/securityalert/856
securitytracker.com/id?1016089
www.osvdb.org/25437
www.securityfocus.com/archive/1/433247/100/0/threaded
www.securityfocus.com/bid/17873
www.securityfocus.com/bid/17915
www.vupen.com/english/advisories/2006/1680
exchange.xforce.ibmcloud.com/vulnerabilities/26274