CVE-2005-1377

Опубликовано: 03 мая 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors.

Ссылки

http://marc.info/?l=bugtraq&m=111464607103407&w=2
http://secunia.com/advisories/15161
Exploit
Patch
http://secunia.com/advisories/15725
http://securitytracker.com/id?1013822
Exploit
Patch
http://www.claroline.net/news.php#85
Patch
http://www.securityfocus.com/bid/13407
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/20300
http://marc.info/?l=bugtraq&m=111464607103407&w=2
http://secunia.com/advisories/15161
Exploit
Patch
http://secunia.com/advisories/15725
http://securitytracker.com/id?1013822
Exploit
Patch
http://www.claroline.net/news.php#85
Patch
http://www.securityfocus.com/bid/13407
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/20300

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:claroline:claroline:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:claroline:claroline:1.6_beta:*:*:*:*:*:*:*

cpe:2.3:a:claroline:claroline:1.6_rc1:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.0153

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9j3h-45m9-8qhm

github

почти 4 года назад