Known Vulnerabilities for products from Claroline
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Claroline".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-37162 json | Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS). An attacker can obtain javascript code execution by a... | 5.4 - MEDIUM | 2022-08-25 | 2022-08-27 |
| CVE-2022-37161 json | Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload. | 6.1 - MEDIUM | 2022-08-25 | 2022-08-27 |
| CVE-2022-37160 json | Claroline 13.5.7 and prior allows an authenticated attacker to elevate privileges via the arbitrary creation of a privileged ... | 5.4 - MEDIUM | 2022-08-25 | 2022-08-27 |
| CVE-2022-37159 json | Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload. | 9.8 - CRITICAL | 2022-08-25 | 2022-08-27 |
| CVE-2013-6267 json | Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.11.9 allow remote attackers to inject arbitrary web... | Not Provided | 2013-12-05 | 2026-04-29 |
| CVE-2013-4753 json | Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11.9 and earlier allow remote authenticated users to injec... | Not Provided | 2014-12-26 | 2026-05-06 |
| CVE-2011-3716 json | Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals th... | Not Provided | 2011-09-23 | 2026-04-29 |
| CVE-2009-1907 json | Cross-site scripting (XSS) vulnerability in claroline/linker/notfound.php in Claroline 1.8.11 allows remote attackers to inje... | Not Provided | 2009-06-04 | 2026-04-23 |
| CVE-2008-3315 json | Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote attackers to inject arbitrary web script... | Not Provided | 2008-07-25 | 2026-04-23 |
| CVE-2008-3262 json | Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, relat... | Not Provided | 2008-07-22 | 2026-04-23 |
| CVE-2008-3261 json | Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users ... | Not Provided | 2008-07-22 | 2026-04-23 |
| CVE-2008-3260 json | Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.10 allow remote attackers to inject arbitrary web... | Not Provided | 2008-07-22 | 2026-04-23 |
| CVE-2007-4742 json | Claroline before 1.8.6 allows remote authenticated administrators to obtain sensitive information via an invalid value in the... | Not Provided | 2007-09-06 | 2026-04-23 |
| CVE-2007-4741 json | Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Claroline before 1.8.6 allows remote authenticated admini... | Not Provided | 2007-09-06 | 2026-04-23 |
| CVE-2007-4718 json | Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include an... | Not Provided | 2007-09-05 | 2026-04-23 |
| CVE-2007-4717 json | Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.6 allow remote authenticated administrators to in... | Not Provided | 2007-09-05 | 2026-04-23 |
| CVE-2007-3517 json | Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.3 allow remote attackers to inject arbitrary web script ... | Not Provided | 2007-07-03 | 2026-04-23 |
| CVE-2006-7048 json | Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code vi... | Not Provided | 2007-02-24 | 2026-04-23 |
| CVE-2006-5256 json | PHP remote file inclusion vulnerability in claroline/inc/lib/import.lib.php in Claroline 1.8.0 and earlier allows remote atta... | Not Provided | 2006-10-12 | 2026-04-23 |
| CVE-2006-4844 json | PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and... | 5.1 - MEDIUM | 2006-09-19 | 2017-07-20 |
Known software with vulnerabilities from Claroline
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Claroline | Claroline | 1.10 |