Description

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php.

Remediation

References

CVE-2006-2868

Related Vulnerabilities

PostgreSQL Other Vulnerability (CVE-1999-0862)

WordPress Plugin PhoneTrack Meu Site Manager Cross-Site Scripting (0.1)

WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.4)

OpenSSL Possible denial of service attack Vulnerability (CVE-2020-1971)

WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll SQL Injection (1.1.91)

Severity

Medium

Classification

CVE-2006-2868

Tags

Missing Update Known Vulnerabilities