Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atutor atutor vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2012-5454
user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not properly restrict access, which allows remote authenticated users to modify arbitrary user passwords via a crafted request. NOTE: this might be due to an incomplete fix for CVE-2012-5168.
Atutor Acontent 1.2
383
VMScore
CVE-2010-3455
Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 allows remote malicious users to inject arbitrary web script or HTML via the uri parameter.
Atutor Achecker 1.0
383
VMScore
CVE-2009-4941
Cross-site scripting (XSS) vulnerability in sign_in.php in ATRC ACollab 1.2 allows remote malicious users to inject arbitrary web script or HTML via the f parameter.
Atutor Acollab 1.2
668
VMScore
CVE-2009-4945
AdPeeps 8.5d1 has a default password of admin for the admin account, which makes it easier for remote malicious users to obtain access via requests to index.php.
Atutor Acollab 1.2
655
VMScore
CVE-2006-3996
SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the (1) desc or (2) asc parameters.
Adaptive Technology Resource Centre Atutor
1 EDB exploit
435
VMScore
CVE-2005-2649
Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote malicious users to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
505
VMScore
CVE-2005-2956
ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote malicious users to obtain user chat conversations via direct requests to those files.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
755
VMScore
CVE-2005-2954
SQL injection vulnerability in password_reminder.php in ATutor prior to 1.5.1 pl1 allows remote malicious users to execute arbitrary SQL commands via the email field.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
409
VMScore
CVE-2005-2955
config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, ....
Adaptive Technology Resource Centre Atutor 1.5.1
668
VMScore
CVE-2006-5734
Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) section parameter in (a) documentation/common/frame_toc.php and (b) documentation/common/search.php, the (2) req_lang parameter in ...
Adaptive Technology Resource Centre Atutor 1.5.3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »