7.5
CVSSv2

CVE-2016-2555

Published: 13/04/2017 Updated: 08/09/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 797
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote malicious users to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.

Vulnerability Trend

Affected Products

Vendor Product Versions
AtutorAtutor2.2.1

Exploits

## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper def initialize(info={}) super(updat ...

Metasploit Modules

ATutor 2.2.1 SQL Injection / Remote Code Execution

This module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrator's interface where they can upload malicious code.

msf > use exploit/multi/http/atutor_sqli
      msf exploit(atutor_sqli) > show targets
            ...targets...
      msf exploit(atutor_sqli) > set TARGET <target-id>
      msf exploit(atutor_sqli) > show options
            ...show and set options...
      msf exploit(atutor_sqli) > exploit

Github Repositories

AWAE/OSWE Preparation for coming AWAE Training Work in progress Course syllabus wwwoffensive-securitycom/documentation/awae-syllabuspdf Atmail Mail Server Appliance: from XSS to RCE (64) CVE-2012-2593 wwwexploit-dbcom/exploits/20009 githubcom/sourceincite/poc/blob/master/SRC-2016-0012py ATutor Authentication Bypass and RCE (221) CVE-201

AWAE/OSWE Preparation for coming AWAE Training Work in progress Atmail Mail Server Appliance: from XSS to RCE (64) CVE-2012-2593 wwwexploit-dbcom/exploits/20009 githubcom/sourceincite/poc/blob/master/SRC-2016-0012py ATutor Authentication Bypass and RCE (221) CVE-2016-2555 Install: sourceforgenet/projects/atutor/files/atutor_2_2_1/