Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atutor atutor vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-3403
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 up to and including 1.5.1-pl1 allow remote malicious users to inject arbitrary web script or HTML via (1) the _base_href parameter in translate.php, (2) the _base_path parameter in news.inc.php, and (3) the p par...
Adaptive Technology Resource Centre Atutor 1.4.2
Adaptive Technology Resource Centre Atutor 1.4.3
Adaptive Technology Resource Centre Atutor 1.4.1
Adaptive Technology Resource Centre Atutor 1.5.1
Adaptive Technology Resource Centre Atutor 1.5.1 Pl1
7.5
CVSSv2
CVE-2005-3404
Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 up to and including 1.5.1-pl1 allow remote malicious users to include arbitrary files via the section parameter followed by a null byte (%00) in (1) body_header.inc.php and (2) print.php.
Adaptive Technology Resource Centre Atutor 1.4.1
Adaptive Technology Resource Centre Atutor 1.5.1 Pl1
Adaptive Technology Resource Centre Atutor 1.4.3
Adaptive Technology Resource Centre Atutor 1.5.1
Adaptive Technology Resource Centre Atutor 1.4.2
2 EDB exploits
7.5
CVSSv2
CVE-2005-2954
SQL injection vulnerability in password_reminder.php in ATutor prior to 1.5.1 pl1 allows remote malicious users to execute arbitrary SQL commands via the email field.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
5
CVSSv2
CVE-2005-2956
ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote malicious users to obtain user chat conversations via direct requests to those files.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
4.6
CVSSv2
CVE-2005-2955
config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, ....
Adaptive Technology Resource Centre Atutor 1.5.1
4.3
CVSSv2
CVE-2005-2649
Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote malicious users to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
4.3
CVSSv2
CVE-2005-2044
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.3 and 1.5 RC 1 allow remote malicious users to inject arbitrary web script or HTML via the (1) show_course parameter to browse.php, (2) subject parameter to contact.php, (3) cid parameter to content.php, (4) l para...
Adaptive Technology Resource Centre Atutor 1.5 Rc 1
Adaptive Technology Resource Centre Atutor 1.4.3
9 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6