Description
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Magee Shortcodes Cross-Site Scripting (1.6.3)
SharePoint CVE-2021-1726 Vulnerability (CVE-2021-1726)
WordPress Plugin Contact Form 7 Security Bypass (4.1)
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.3.7)
WordPress Plugin BuddyPress Multiple Vulnerabilities (5.1.2)