openUrgence Vaccin Multiple Remote File Include Vulnerabilities
openUrgence Vaccin is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input.
Exploiting these issues may allow a remote attacker to obtain sensitive information or compromise the application and the underlying computer; other attacks are also possible.
openUrgence Vaccin 1.03 is vulnerable; other versions may also be affected.
NOTE: This BID previously also documented a local file-include vulnerability affecting the 'dsn[phptype]' parameter of the 'scr/soustab.php' script. That issue is already covered in BID 23505 (openMairie Multiple Applications 'dsn[phptype]' Parameter Local File Include Vulnerability).