Summary: [www.miller-group.net] The Miller Group, Inc. announces the release of Centre, a free student information system for public and non-public schools. Centre is a web-based, open source, student management product with features that include scheduling, grade book, attendance, eligibility, transcripts, and more. And, of course, student and employee information screens are critical components of Centre. Version: 1.0 Exploit: There is no sanity checking anywhere in Centre. In effect an unprivileged user can change administrator options and could lead to privilege escalation. This includes but is not limited to creating new accounts: http://demo.miller-group.net/index.php?modfunc=create_account&staff&username=admin&staff_id=new There is also improper checking in the modules.php file this could allow PHP script injection. No validation is done on the module path. Fix: Disable centre until an update is released (the problems are too extensive).