Description

PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 and earlier allows remote attackers to execute arbitrary PHP code via the includePath parameter.

Remediation

References

CVE-2006-1596

Related Vulnerabilities

phpMyFAQ Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2018-16651)

IBM WebSEAL Improper Input Validation Vulnerability (CVE-2019-4036)

Oracle Database Server CVE-2007-5514 Vulnerability (CVE-2007-5514)

WordPress Plugin Image News slider 'upload.php' Arbitrary File Upload (3.3)

WordPress Plugin Click to Copy Grab Box Multiple Cross-Site Scripting Vulnerabilities (0.1.1)

Severity

High

Classification

CVE-2006-1596

Tags

Missing Update Known Vulnerabilities