CVE-2006-1594

Name of the Vulnerable Software and Affected Versions: Claroline versions 1.7.4 and earlier

Description: The issue allows remote attackers to perform directory traversal attacks using ".." (dot dot) sequences. This can be achieved in two ways: (1) by reading arbitrary files via the file parameter in a rqEditHtml command to "document/rqmkhtml.php", or (2) by executing arbitrary code via the includePath parameter to "learnPath/include/scormExport.inc.php".

Recommendations: For Claroline versions 1.7.4 and earlier, consider restricting access to the document/rqmkhtml.php and learnPath/include/scormExport.inc.php files until a patch is available. As a temporary workaround, avoid using the file and includePath parameters in the affected API endpoints. At the moment, there is no information about a newer version that contains a fix for this vulnerability.