Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2598


Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2598
Last Modified 05 Sep 2008 04:52:11
Published 17 Aug 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier, and possibly Claroline, allow remote attackers to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary files via the move_to and move_file parameters to claroline/document/document.php, or determine the existence of arbitrary files via the file parameter to (3) claroline/scorm/showinframes.php or (4) claroline/scorm/contents.php.

Vulnerable Systems


  • Dokeos 1.6


SECUNIA - 16407

FULLDISC - 20050812 Multiple directory traversal vulnerabilities in Claroline

FULLDISC - 20050819 Re: Erroneous Informations - Multiple directory traversal vulnerabilities in Claroline

Last Updated: 27 May 2016 10:40:34