Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.
Software | From | Fixed in |
---|---|---|
claroline / claroline | 1.5.3 | 1.5.3.x |
claroline / claroline | 1.6_beta | 1.6_beta.x |
claroline / claroline | 1.6_rc1 | 1.6_rc1.x |