Drupal Opigno Static Code Injection Vulnerability Leading to PHP Local File Inclusion

Vulnerability

A vulnerability allowing improper neutralization of directives in statically saved code, known as static code injection, has been identified in the Drupal Opigno module. This issue allows PHP local file inclusion. The vulnerability affects Opigno versions 7.X-1.0 prior to 7.X-1.23.

Impact

Exploitation of this vulnerability could lead to PHP local file inclusion, allowing an attacker to include files from the local server into the application.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Drupal Opigno Static Code Injection Vulnerability Leading to PHP Local File Inclusion

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating