CVE-2006-0411
CVE-2006-0411 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges.
Learn more about our Web Application Penetration Testing UK.