Posted by Egidio Romano on Dec 31

————————————————————–
Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability
————————————————————–

[-] Software Link:

http://osclass.org/

[-] Affected Versions:

Version 3.4.2 and probably prior versions.

[-] Vulnerability Description:

The vulnerable code is located in the /oc-includes/osclass/controller/ajax.php script:

225. case…