Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno TinCan Question Type allows PHP Local File Inclusion.This issue affects Opigno TinCan Question Type: from 7.X-1.0 before 7.X-1.3.
References
History

Wed, 27 Aug 2025 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Opigno
Opigno tincan Question Type
CPEs cpe:2.3:a:opigno:tincan_question_type:*:*:*:*:*:drupal:*:*
Vendors & Products Opigno
Opigno tincan Question Type

Tue, 14 Jan 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 09 Jan 2025 19:30:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno TinCan Question Type allows PHP Local File Inclusion.This issue affects Opigno TinCan Question Type: from 7.X-1.0 before 7.X-1.3.
Title Opigno TinCan Question Type - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-031
Weaknesses CWE-96
References

cve-icon MITRE

Status: PUBLISHED

Assigner: drupal

Published:

Updated: 2025-01-14T17:02:43.767Z

Reserved: 2025-01-09T18:28:02.688Z

Link: CVE-2024-13267

cve-icon Vulnrichment

Updated: 2025-01-14T17:02:39.804Z

cve-icon NVD

Status : Analyzed

Published: 2025-01-09T20:15:35.470

Modified: 2025-08-27T19:43:43.453

Link: CVE-2024-13267

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.