CVE-2006-0411

CVE-2006-0411 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges.

Learn more about our Web Application Penetration Testing UK.