Known Vulnerabilities for products from Claroline

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Claroline".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-37162 json Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS). An attacker can obtain javascript code execution by a... 5.4 - MEDIUM 2022-08-25 2022-08-27
CVE-2022-37161 json Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload. 6.1 - MEDIUM 2022-08-25 2022-08-27
CVE-2022-37160 json Claroline 13.5.7 and prior allows an authenticated attacker to elevate privileges via the arbitrary creation of a privileged ... 5.4 - MEDIUM 2022-08-25 2022-08-27
CVE-2022-37159 json Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload. 9.8 - CRITICAL 2022-08-25 2022-08-27
CVE-2013-6267 json Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.11.9 allow remote attackers to inject arbitrary web... Not Provided 2013-12-05 2026-04-29
CVE-2013-4753 json Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11.9 and earlier allow remote authenticated users to injec... Not Provided 2014-12-26 2026-05-06
CVE-2011-3716 json Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals th... Not Provided 2011-09-23 2026-04-29
CVE-2009-1907 json Cross-site scripting (XSS) vulnerability in claroline/linker/notfound.php in Claroline 1.8.11 allows remote attackers to inje... Not Provided 2009-06-04 2026-04-23
CVE-2008-3315 json Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote attackers to inject arbitrary web script... Not Provided 2008-07-25 2026-04-23
CVE-2008-3262 json Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, relat... Not Provided 2008-07-22 2026-04-23
CVE-2008-3261 json Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users ... Not Provided 2008-07-22 2026-04-23
CVE-2008-3260 json Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.10 allow remote attackers to inject arbitrary web... Not Provided 2008-07-22 2026-04-23
CVE-2007-4742 json Claroline before 1.8.6 allows remote authenticated administrators to obtain sensitive information via an invalid value in the... Not Provided 2007-09-06 2026-04-23
CVE-2007-4741 json Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Claroline before 1.8.6 allows remote authenticated admini... Not Provided 2007-09-06 2026-04-23
CVE-2007-4718 json Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include an... Not Provided 2007-09-05 2026-04-23
CVE-2007-4717 json Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.6 allow remote authenticated administrators to in... Not Provided 2007-09-05 2026-04-23
CVE-2007-3517 json Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.3 allow remote attackers to inject arbitrary web script ... Not Provided 2007-07-03 2026-04-23
CVE-2006-7048 json Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code vi... Not Provided 2007-02-24 2026-04-23
CVE-2006-5256 json PHP remote file inclusion vulnerability in claroline/inc/lib/import.lib.php in Claroline 1.8.0 and earlier allows remote atta... Not Provided 2006-10-12 2026-04-23
CVE-2006-4844 json PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and... 5.1 - MEDIUM 2006-09-19 2017-07-20

Known software with vulnerabilities from Claroline

Type Vendor Product Version
ApplicationClarolineClaroline1.10
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report