CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 2CVE-2008-7154 – Docebo 3.5.0.3 - 'lib.regset.php' Command Execution
https://notcve.org/view.php?id=CVE-2008-7154
Docebo 3.5.0.3 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class.conf_cms.php, (6) lib/lib.compose.php, (7) modules/chat/teleskill.php, or (8) class/class.admin_menu_cms.php in doceboCms/; which reveals the installation path in an error message. Docebo 3.5.0.3 y versiones anteriores permite a atacantes remotos obtener información sensible mediante una petición directa a (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php o (4) menu/menu_over.php en doceboCore/; o (5) class/class.conf_cms.php, (6) lib/lib.compose.php, (7) modules/chat/teleskill.php o (8) class/class.admin_menu_cms.php en doceboCms/; lo que revela la ruta de instalación en un mensaje de error. • https://www.exploit-db.com/exploits/4879 http://www.docebo.org/doceboCms/bugtracker/18_124/bugdetails/appid_24-bugid_198/bugtracker.html http://www.securityfocus.com/bid/27211 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 3CVE-2008-7153 – Docebo 3.5.0.3 - '/lib.regset.php/non-blind' SQL Injection
https://notcve.org/view.php?id=CVE-2008-7153
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO DUMPFILE command. Vulnerabilidad de inyección SQL en la función autoDetectRegion en doceboCore/lib/lib.regset.php en Docebo v3.5.0.3 y anteriores permite a atacantes remotos ejecutar comandos SQL a su elección a través de la cabecera Accept-Language HTTP. NOTA: esto también puede ser aprovechado para ejecutar código PHP a su elección usando el comando INTO DUMPFILE. • https://www.exploit-db.com/exploits/4891 https://www.exploit-db.com/exploits/4879 http://osvdb.org/40138 http://secunia.com/advisories/28378 http://www.docebo.org/doceboCms/bugtracker/18_124/bugdetails/appid_24-bugid_198/bugtracker.html http://www.securityfocus.com/bid/27211 https://exchange.xforce.ibmcloud.com/vulnerabilities/39589 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 4CVE-2007-1240 – Docebo CMS 3.0.x - '/modules/htmlframechat/index.php' Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-1240
Multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS 3.0.3 through 3.0.5 allow remote attackers to inject arbitrary web script or HTML via (1) the searchkey parameter to index.php, or the (2) sn or (3) ri parameter to modules/htmlframechat/index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de secuencia de comando en sitios cruzados (XSS) en Docebo CMS 3.0.3 hasta 3.0.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro (1) searchkey en index.php, o el parámetro (2)sn o (3)ri en modules/htmlframechat/index.php. NOTA: la procedencia de esta información es desconocida; los detalles han sido obtenidos a partir de la información de terceros. • https://www.exploit-db.com/exploits/29662 https://www.exploit-db.com/exploits/29661 http://downloads.securityfocus.com/vulnerabilities/exploits/22719.html http://osvdb.org/35995 http://osvdb.org/35996 http://www.securityfocus.com/bid/22719 https://exchange.xforce.ibmcloud.com/vulnerabilities/32842 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 2CVE-2006-6957
https://notcve.org/view.php?id=CVE-2006-6957
PHP remote file inclusion vulnerability in addons/mod_media/body.php in Docebo 3.0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[where_framework] parameter. NOTE: this issue might be resultant from a global overwrite vulnerability. This issue is similar to CVE-2006-2576 and CVE-2006-3107, but the vectors are different. Vulnerabilidad de inclusión remota de archivo en PHP en addons/mod_media/body.php en Docebo 3.0.3 y anteriores, cuando register_globals está activado, permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro GLOBALS[where_framework]. NOTA: este problema podría ser resultado de una vulnerabilidad global de sobrescritura. • http://archives.neohapsis.com/archives/bugtraq/2006-06/0109.html http://securityreason.com/securityalert/2194 http://www.osvdb.org/26710 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2006-6963
https://notcve.org/view.php?id=CVE-2006-6963
Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 3.0.3 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[where_lms] parameter to (1) class.module/class.definition.php and (2) modules/scorm/scorm_utils.php. NOTE: this issue may overlap CVE-2006-2577. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en Docebo LMS 3.0.3 permiten a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro a través del parámetro GLOBALS[where_lms] de (1) class.module/class.definition.php y (2) modules/scorm/scorm_utils.php. NOTA: este problema podría superponerse con CVE-2006-2577. • http://archives.neohapsis.com/archives/bugtraq/2006-06/0116.html http://securityreason.com/securityalert/2188 http://www.docebo.org/doceboCms/bugtracker/18_124/bugdetails/appid_1-bugid_154/bugtracker.html http://www.osvdb.org/26712 http://www.osvdb.org/26713 https://exchange.xforce.ibmcloud.com/vulnerabilities/26633 •