virus logo Intrusion Prevention

Dokeos.LMS.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a Remote Code Execution vulnerability in Dokeos.
The vulnerability is due to insufficient sanitizing of user supplied inputs in whoisonline.php of the application. As a result, a remote attacker can exploit this to execute arbitrary PHP code within the context of the application

affected-products-logoAffected Products

Dokeos LMS 1.8.5 and earlier versions

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch available from the website.
http://www.dokeos.com/wiki/index.php/Security#Dokeos_1.8

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 31159
Created Mar 07, 2012
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows, Linux
Affected App Other