Vulnerabilities

CVE-2006-4844

by Fred · 18/09/2006

PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.

Date published : 2006-09-18

http://www.securityfocus.com/bid/20056

http://www.claroline.net/wiki/index.php/Changelog_1.7.x#Modification_between_claroline_1.7.7_and_1.7.8

Similar

Tags: Cybersecurity Alert