2 matches found
CVE-2010-2132
Open Education System (OES) 0.1 beta is affected by multiple PHP remote file inclusion vulnerabilities. The issue allows an attacker to cause remote PHP code execution by supplying a crafted URL to the CONF_INCLUDE_PATH parameter in specific scripts: forum/admin.php and plotgraph/index.php under ...
CVE-2007-1446
CVE-2007-1446 affects Open Education System (OES) 0.1beta. The vulnerability consists of multiple PHP remote file inclusion flaws that allow an attacker to execute arbitrary PHP code by supplying a URL via the CONF_INCLUDE_PATH parameter to files in includes/ (lib-account.inc.php, lib-file.inc.ph...