Vulnerabilities > CVE-2007-2889 - Unspecified vulnerability in Dokeos Open Source Learning and Knowledge Management Tool

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
dokeos
exploit available

Summary

SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the scormcontopen parameter.

Exploit-Db

descriptionDokeos <= 1.6.5 (courseLog.php scormcontopen) SQL Injection Exploit. CVE-2007-2889. Webapps exploit for php platform
fileexploits/php/webapps/3980.pl
idEDB-ID:3980
last seen2016-01-31
modified2007-05-24
platformphp
port
published2007-05-24
reporterSilentz
sourcehttps://www.exploit-db.com/download/3980/
titleDokeos <= 1.6.5 courseLog.php scormcontopen SQL Injection Exploit
typewebapps