Traq <= 2.3 Authentication Bypass / PHP Code Injection Vulnerability


Traq contains a flaw that allows a remote attacker to execute arbitrary PHP code. The flaw exists because admin rights are not properly restricted in the authenticate() function defined in admincp/common.php. This allows attackers to bypass the authentication mechanism and gain access to admin functionality, resulting in execution of arbitrary PHP code.


Disclosure Date: December 7, 2011