PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and previous versions, as used in Dokeos and possibly other products, allows remote malicious users to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
claroline claroline 1.5.3 |
||
claroline claroline 1.5.4 |
||
claroline claroline 1.7.3 |
||
claroline claroline 1.7.4 |
||
dokeos open source learning and knowledge management tool 1.6.4 |
||
dokeos open source learning and knowledge management tool 1.6.4_p1 |
||
claroline claroline 1.2 |
||
claroline claroline 1.3 |
||
claroline claroline 1.6_rc1 |
||
claroline claroline 1.6 |
||
claroline claroline 1.6_beta |
||
claroline claroline 1.7.5 |
||
claroline claroline 1.7.6 |
||
dokeos open source learning and knowledge management tool 1.6.5 |
||
dokeos open source learning and knowledge management tool 1.6_rc2 |
||
claroline claroline 1.7 |
||
dokeos open source learning and knowledge management tool 1.4 |
||
dokeos open source learning and knowledge management tool 1.5 |
||
dokeos open source learning and knowledge management tool 1.5.3 |
||
claroline claroline |
||
claroline claroline 1.4 |
||
claroline claroline 1.5 |
||
claroline claroline 1.7.1 |
||
claroline claroline 1.7.2 |
||
dokeos open source learning and knowledge management tool 1.5.4 |
||
dokeos open source learning and knowledge management tool 1.5.5 |
Vulmon