Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atutor acontent 1.2 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2012-5169
Multiple cross-site scripting (XSS) vulnerabilities in file_manager/preview_top.php in ATutor AContent prior to 1.2-2 allow remote malicious users to inject arbitrary web script or HTML via the (1) pathext, (2) popup, (3) framed, or (4) file parameter.
Atutor Acontent 1.2
Atutor Acontent
655
VMScore
CVE-2012-5453
SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167.
Atutor Acontent 1.2
1 EDB exploit
578
VMScore
CVE-2012-5454
user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not properly restrict access, which allows remote authenticated users to modify arbitrary user passwords via a crafted request. NOTE: this might be due to an incomplete fix for CVE-2012-5168.
Atutor Acontent 1.2
755
VMScore
CVE-2012-5167
Multiple SQL injection vulnerabilities in ATutor AContent prior to 1.2-1 allow remote malicious users to execute arbitrary SQL commands via the (1) field parameter to course_category/index_inline_editor_submit.php or (2) user/index_inline_editor_submit.php; or (3) id parameter to...
Atutor Acontent
1 EDB exploit
668
VMScore
CVE-2012-5168
ATutor AContent prior to 1.2-1 allows remote malicious users to modify arbitrary user passwords or category names via a direct request to (1) user/index_inline_editor_submit.php or (2) course_category/index_inline_editor_submit.php.
Atutor Acontent
NA
CVE-2012-51682
ATutor AContent versions 1.2 and below suffer from improper authentication, cross site scripting, and remote SQL injection vulnerabilities.
NA
CVE-2012-51671
ATutor AContent versions 1.2 and below suffer from improper authentication, cross site scripting, and remote SQL injection vulnerabilities.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started