Unrated severityNVD Advisory· Published Jan 25, 2006· Updated Jun 16, 2026
CVE-2006-0411
CVE-2006-0411
Description
claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges.
Affected products
2Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.