Open Educational System 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Include Vulnerabilities

Open Educational System is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the computer; other attacks are also possible.

Open Educational System 0.1 beta and prior versions are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus