Vulnerabilities > CVE-2007-2902 - Unspecified vulnerability in Dokeos

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
dokeos
exploit available

Summary

SQL injection vulnerability in main/auth/my_progress.php in Dokeos 1.8.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the course parameter.

Vulnerable Configurations

Part Description Count
Application
Dokeos
1

Exploit-Db

descriptionDokeos <= 1.8.0 (my_progress.php course) Remote SQL Injection Exploit. CVE-2007-2901,CVE-2007-2902. Webapps exploit for php platform
fileexploits/php/webapps/3974.pl
idEDB-ID:3974
last seen2016-01-31
modified2007-05-23
platformphp
port
published2007-05-23
reporterSilentz
sourcehttps://www.exploit-db.com/download/3974/
titleDokeos <= 1.8.0 my_progress.php course Remote SQL Injection Exploit
typewebapps