Traq <= 2.3 Authentication Bypass / PHP Code Injection Vulnerability
Description:
Traq contains a flaw that allows a remote attacker to execute arbitrary PHP code. The flaw exists because admin rights are not properly restricted in the authenticate() function defined in admincp/common.php. This allows attackers to bypass the authentication mechanism and access admin functionality, resulting in execution of arbitrary PHP code.
Disclosure Date:
December 7, 2011