CVE-2004-1592

Name of the Vulnerable Software and Affected Versions ocPortal versions 1.0.3 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code by modifying the req path parameter to reference a URL on a remote web server that contains a malicious funcs.php script.

Recommendations For versions 1.0.3 and earlier, update to a version later than 1.0.3 to resolve the issue.