Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to (1) read portions of arbitrary files via a .. (dot dot) and a ..\ (dot dot backslash) in the lang parameter to main/exercice/hotspot_lang_conversion.php and (2) read arbitrary files via a .. (dot dot) in the doc_url parameter to main/exercice/Hpdownload.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dokeos 多个目录遍历漏洞
Vulnerability Description
Dokeos 1.8.5版本及其早期版本中存在多个目录遍历漏洞。远程攻击者(1)可以借助对main/exercice/hotspot_lang_conversion.php参数的lang参数中的一个..和一个..\来读取任意文件的部分内容(2)对main/exercice/Hpdownload.php的doc_url参数中的一个..,读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A