6.5
CVSSv2

CVE-2008-3368

Published: 30/07/2008 Updated: 29/09/2017
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 655
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter.

Affected Products

Vendor Product Versions
AtutorAtutor0.9.6, 0.9.7, 1.0, 1.2.1, 1.2.2, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.4, 1.4.1, 1.4.2, 1.4.3, 1.5.1, 1.5.2, 1.5.3, 1.5.3.1, 1.5.3.2, 1.5.4, 1.5.5, 1.6, 1.6.1

Exploits

##################################################################################### #### ATutor Course Server Rfi #### ##################################################################################### # # #AUTHO ...