CVE-2024-13265

CVE-2024-13265 affects the Opigno Learning Path module used with Drupal. According to the connected documents, the issue is caused by improper neutralization of directives in statically saved code (static code injection), which allows PHP Local File Inclusion and can enable arbitrary code executi...

CVE-2024-13265 Opigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029

Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno Learning path allows PHP Local File Inclusion.This issue affects Opigno Learning path: from 0.0.0 before 3.1.2...

CVE-2024-13265 Opigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029

Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno Learning path allows PHP Local File Inclusion.This issue affects Opigno Learning path: from 0.0.0 before 3.1.2...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Opigno Learning path prior to version 3.1.2, which stems from an unsuccessful neutralization of directives in statically saved code, resulting in a...

DRUPAL-CONTRIB-2024-029

The Opigno Learning Path module enables you to manage group content. Administrative forms allow uploading malicious files which may contain arbitrary code RCE or cross site scriptiong XSS. These forms were not adequately controlled with permissions that communicate the severity of the permission...

Opigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029

The Opigno Learning Path module enables you to manage group content. Administrative forms allow uploading malicious files which may contain arbitrary code RCE or cross site scriptiong XSS. These forms were not adequately controlled with permissions that communicate the severity of the permission...

Drupal Opigno Learning path module < 3.1.2 - Authenticated Remote Code Execution (RCE) vulnerability

Authenticated Remote Code Execution RCE vulnerability discovered by Marcin Grabias in WordPress Module Opigno Learning path versions 3.1.2...

PT-2024-10350 · Unknown · Opigno Learning Path

Name of the Vulnerable Software and Affected Versions: Opigno Learning path versions 0.0.0 through 3.1.2 Description: The issue is related to improper neutralization of directives in statically saved code, also known as 'static code injection', which allows for PHP Local File Inclusion. This can...