Yurii Boichenko

**Name of the Vulnerable Software and Affected Versions** Opigno group manager versions 0.0.0 through 3.1.1 **Description** The issue is related to the improper neutralization of directives in statically saved code, also known as 'static code injection', which allows for PHP Local File Inclusion in the Opigno group manager. **Recommendations** For Opigno group manager versions 0.0.0 through 3.1.1, update to a version newer than 3.1.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Opigno TinCan Question Type versions 7.X-1.0 through 7.X-1.2 **Description** The issue is related to improper neutralization of directives in statically saved code, also known as 'Static Code Injection', which allows PHP Local File Inclusion. This can potentially be exploited to access sensitive files on the server. **Recommendations** For Opigno TinCan Question Type versions 7.X-1.0 through 7.X-1.2, update to version 7.X-1.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Drupal Opigno versions 7.X-1.0 through 7.X-1.23 **Description** The issue is related to improper neutralization of directives in statically saved code, also known as 'Static Code Injection', which allows PHP Local File Inclusion. This can be exploited by a remote attacker to execute arbitrary code. **Recommendations** For versions 7.X-1.0 through 7.X-1.23, update to version 7.X-1.23 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Opigno Learning path versions 0.0.0 through 3.1.2 **Description** The issue is related to improper neutralization of directives in statically saved code, also known as 'static code injection', which allows for PHP Local File Inclusion. This can enable a remote attacker to execute arbitrary code. The vulnerability is associated with errors in input data processing during code syntax analysis. **Recommendations** For Opigno Learning path versions 0.0.0 through 3.1.2, update to a version newer than 3.1.2 to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Opigno module versions 0.0.0 through 3.1.2 **Description** The issue is related to improper neutralization of directives in statically saved code, also known as 'Static Code Injection', which can lead to PHP Local File Inclusion. This allows a remote attacker to execute arbitrary code. **Recommendations** For Opigno module versions 0.0.0 through 3.1.2, update to version 3.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Opigno module until a patch is applied.