eFront <= 3.6.10 (student.php) PHP Code Injection Vulnerability
Description:
eFront contains a flaw in the student.php script, which fails to properly sanitize user-supplied input passed via the ‘course’ and ‘from_course’ parameters before using it to instantiate a new EfrontCourse object. This can be exploited to inject and execute arbitrary PHP code.
Disclosure Date:
October 27, 2011
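
A log check for the two parameters named in the description, added here as an example and not part of the original advisory or of eFront's code. It assumes combined-format web server access logs and that legitimate 'course' and 'from_course' values are plain numeric IDs; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters named in the advisory.
WATCHED_PARAMS = ("course", "from_course")
# Assumption: legitimate values are plain decimal course IDs.
NUMERIC_ID = re.compile(r"[0-9]{1,10}")
# Request part of a combined-format access log line.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')


def suspicious_params(log_line):
    """Return {param: value} for watched parameters that are not numeric IDs."""
    match = REQUEST.search(log_line)
    if not match:
        return {}
    url = urlsplit(match.group(1))
    if not url.path.endswith("/student.php"):
        return {}
    # parse_qs URL-decodes values, so encoded punctuation is checked decoded.
    query = parse_qs(url.query, keep_blank_values=True)
    hits = {}
    for name in WATCHED_PARAMS:
        for value in query.get(name, []):
            if not NUMERIC_ID.fullmatch(value):
                hits[name] = value
    return hits


def scan(lines):
    """Return (line_number, client_ip, findings) for every flagged line."""
    findings = []
    for number, line in enumerate(lines, start=1):
        hits = suspicious_params(line)
        if hits:
            findings.append((number, line.split(" ", 1)[0], hits))
    return findings


# Constructed sample log lines (not from a real system).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Nov/2011:10:00:01 +0000] "GET /student.php?course=12 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [01/Nov/2011:10:00:07 +0000] "GET /student.php?course=12%3BNOT_AN_ID HTTP/1.1" 200 311',
    '192.0.2.44 - - [01/Nov/2011:10:00:09 +0000] "GET /student.php?from_course=&course=3 HTTP/1.1" 200 298',
    '192.0.2.10 - - [01/Nov/2011:10:00:12 +0000] "GET /index.php?course=NOT_AN_ID HTTP/1.1" 200 812',
]

if __name__ == "__main__":
    for number, client, hits in scan(SAMPLE_LOG):
        print(f"line {number}: {client} {hits}")
```

Only query-string values are visible in an access log, so parameters sent in a POST body need a separate source such as WAF or application logging.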