Summary
OWL's workshop is a web-based educational tool written in PHP.
There is a vulnerability in the current version of this software which allows an attacker to retrieve arbitrary files from the webserver with its priviledges.
Solution
None at this time - disable this software.
Severity
Classification
-
CVE CVE-2004-0302, CVE-2004-0303 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability
- Apache Open For Business HTML injection vulnerability
- Apache Tomcat Login Constraints Security Bypass Vulnerability
- Admidio get_file.php Remote File Disclosure Vulnerability