Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atutor atutor vulnerabilities and exploits
(subscribe to this query)
802
VMScore
CVE-2019-12170
ATutor up to and including 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP...
Atutor Atutor
2 Github repositories
760
VMScore
CVE-2005-3404
Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 up to and including 1.5.1-pl1 allow remote malicious users to include arbitrary files via the section parameter followed by a null byte (%00) in (1) body_header.inc.php and (2) print.php.
Adaptive Technology Resource Centre Atutor 1.4.1
Adaptive Technology Resource Centre Atutor 1.5.1 Pl1
Adaptive Technology Resource Centre Atutor 1.4.3
Adaptive Technology Resource Centre Atutor 1.5.1
Adaptive Technology Resource Centre Atutor 1.4.2
2 EDB exploits
759
VMScore
CVE-2016-2555
SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote malicious users to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.
Atutor Atutor 2.2.1
1 EDB exploit
12 Github repositories
755
VMScore
CVE-2012-5167
Multiple SQL injection vulnerabilities in ATutor AContent prior to 1.2-1 allow remote malicious users to execute arbitrary SQL commands via the (1) field parameter to course_category/index_inline_editor_submit.php or (2) user/index_inline_editor_submit.php; or (3) id parameter to...
Atutor Acontent
1 EDB exploit
755
VMScore
CVE-2006-3662
SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote malicious users to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." Howe...
Adaptive Technology Resource Centre Atutor 1.5.3
1 EDB exploit
755
VMScore
CVE-2005-4155
registration.PHP in ATutor 1.5.1 pl2 allows remote malicious users to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NOTE: it is possible that this is actually a bug in PHP code, in which case t...
Adaptive Technology Resource Centre Atutor 1.5.1 Pl2
1 EDB exploit
755
VMScore
CVE-2005-3405
ATutor 1.4.1 up to and including 1.5.1-pl1 allows remote malicious users to execute arbitrary PHP functions via a direct request to forum.inc.php with a modified addslashes parameter with either the (1) asc or (2) desc parameters set, possibly due to an eval injection vulnerabili...
1 EDB exploit
755
VMScore
CVE-2005-2954
SQL injection vulnerability in password_reminder.php in ATutor prior to 1.5.1 pl1 allows remote malicious users to execute arbitrary SQL commands via the email field.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
685
VMScore
CVE-2016-2539
Cross-site request forgery (CSRF) vulnerability in install_modules.php in ATutor prior to 2.2.2 allows remote malicious users to hijack the authentication of users for requests that upload arbitrary files and execute arbitrary PHP code via vectors involving a crafted zip file.
Atutor Atutor
1 EDB exploit
668
VMScore
CVE-2014-9753
confirm.php in ATutor 2.2 and previous versions allows remote malicious users to bypass authentication and gain access as an existing user via the auto_login parameter.
Atutor Atutor
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »