Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atutor acontent 1.2 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2012-5167
Multiple SQL injection vulnerabilities in ATutor AContent prior to 1.2-1 allow remote malicious users to execute arbitrary SQL commands via the (1) field parameter to course_category/index_inline_editor_submit.php or (2) user/index_inline_editor_submit.php; or (3) id parameter to...
Atutor Acontent
1 EDB exploit
383
VMScore
CVE-2012-5169
Multiple cross-site scripting (XSS) vulnerabilities in file_manager/preview_top.php in ATutor AContent prior to 1.2-2 allow remote malicious users to inject arbitrary web script or HTML via the (1) pathext, (2) popup, (3) framed, or (4) file parameter.
Atutor Acontent
Atutor Acontent 1.2
655
VMScore
CVE-2012-5453
SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167.
Atutor Acontent 1.2
1 EDB exploit
668
VMScore
CVE-2012-5168
ATutor AContent prior to 1.2-1 allows remote malicious users to modify arbitrary user passwords or category names via a direct request to (1) user/index_inline_editor_submit.php or (2) course_category/index_inline_editor_submit.php.
Atutor Acontent
578
VMScore
CVE-2012-5454
user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not properly restrict access, which allows remote authenticated users to modify arbitrary user passwords via a crafted request. NOTE: this might be due to an incomplete fix for CVE-2012-5168.
Atutor Acontent 1.2
NA
CVE-2012-51682
ATutor AContent versions 1.2 and below suffer from improper authentication, cross site scripting, and remote SQL injection vulnerabilities.
NA
CVE-2012-51671
ATutor AContent versions 1.2 and below suffer from improper authentication, cross site scripting, and remote SQL injection vulnerabilities.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started