Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atutor vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-4945
AdPeeps 8.5d1 has a default password of admin for the admin account, which makes it easier for remote malicious users to obtain access via requests to index.php.
Atutor Acollab 1.2
6.5
CVSSv2
CVE-2012-5453
SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167.
Atutor Acontent 1.2
1 EDB exploit
6.5
CVSSv2
CVE-2012-5454
user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not properly restrict access, which allows remote authenticated users to modify arbitrary user passwords via a crafted request. NOTE: this might be due to an incomplete fix for CVE-2012-5168.
Atutor Acontent 1.2
4.3
CVSSv2
CVE-2009-4944
Multiple cross-site scripting (XSS) vulnerabilities in ATRC ACollab 1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) address parameter to profile.php or the (2) description parameter to events/add_event.php. NOTE: the provenance of this informat...
Atutor Acollab 1.2
6.5
CVSSv2
CVE-2006-3996
SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the (1) desc or (2) asc parameters.
Adaptive Technology Resource Centre Atutor
1 EDB exploit
7.5
CVSSv2
CVE-2005-4155
registration.PHP in ATutor 1.5.1 pl2 allows remote malicious users to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NOTE: it is possible that this is actually a bug in PHP code, in which case t...
Adaptive Technology Resource Centre Atutor 1.5.1 Pl2
1 EDB exploit
7.5
CVSSv2
CVE-2006-5734
Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) section parameter in (a) documentation/common/frame_toc.php and (b) documentation/common/search.php, the (2) req_lang parameter in ...
Adaptive Technology Resource Centre Atutor 1.5.3.2
4.3
CVSSv2
CVE-2005-2649
Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote malicious users to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-3662
SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote malicious users to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." Howe...
Adaptive Technology Resource Centre Atutor 1.5.3
1 EDB exploit
4.6
CVSSv2
CVE-2005-2955
config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, ....
Adaptive Technology Resource Centre Atutor 1.5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2108
CVE-2024-31061
CVE-2024-25959
CVE-2023-45866
injection
IDOR
memory leak
CVE-2024-1086
CVE-2023-42931
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »