Arbitrary File Upload Vulnerabilities in Claroline and Dokeos

Arbitrary File Upload Vulnerabilities in Claroline and Dokeos

CVE-2005-1376 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.

Learn more about our Web Application Penetration Testing UK.