CVE-2006-7048

Name of the Vulnerable Software and Affected Versions Claroline version 1.7.5

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in several parameters, including the clarolineRepositorySys parameter to various PHP files in the claroline/auth/extauth/drivers/ directory, such as atutor.inc.php, db-generic.inc.php, docebo.inc.php, dokeos.1.6.inc.php, dokeos.inc.php, ganesha.inc.php, mambo.inc.php, moodle.inc.php, phpnuke.inc.php, postnuke.inc.php, and spip.inc.php. Additionally, the includePath parameter in mambo.inc.php, postnuke.inc.php, and inc/lib/event/init event manager.inc.php is vulnerable, as well as the rootSys parameter in inc/lib/export exe tracking.class.php.

Recommendations For Claroline version 1.7.5, consider disabling the vulnerable parameters, such as clarolineRepositorySys, includePath, and rootSys, until a patch is available. Restrict access to the affected PHP files in the claroline/auth/extauth/drivers/ directory to minimize the risk of exploitation. Avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.