Online Grades Multiple Local File Include Vulnerabilities Network Vulnerability

Summary

Online Grades is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker with admin access can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer other attacks are also possible. Online Grades 3.2.5 and prior are vulnerable.

References

http://www.onlinegrades.org/
https://www.securityfocus.com/bid/44399

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2037

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe ColdFusion Multiple Path Disclosure Vulnerabilities
2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
Apache Struts2/XWork Remote Command Execution Vulnerability
Apache Archiva Home Page Cross-Site Scripting vulnerability
An Image Gallery Directory Traversal Vulnerability

Take action and discover your vulnerabilities