Lucene search
GoogleOSV:CVE-2019-12169HistoryJun 03, 2019 - 8:29 p.m.
CVE-2019-12169
2019-06-0320:29:00
Google
osv.dev
3
ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code execution via a “…” pathname in a ZIP archive to the mods/_core/languages/language_import.php (aka Import New Language) or mods/_standard/patcher/index_admin.php (aka Patcher) component.
References
incidentsecurity.com/atutor-2-2-4-language_import-arbitrary-file-upload-rce/
packetstormsecurity.com/files/153870/ATutor-2.2.4-Arbitrary-File-Upload-Command-Execution.html
packetstormsecurity.com/files/158246/ATutor-2.2.4-Directory-Traversal-Remote-Code-Execution.html
github.com/fuzzlove
github.com/fuzzlove/ATutor-2.2.4-Language-Exploit
Related
zdt
zdt
ATutor 2.2.4 Arbitrary File Upload / Command Execution Exploit
2019-08-06 00:00:00
ATutor 2.2.4 Directory Traversal / Remote Code Execution Exploit
2020-06-30 00:00:00
0daydb
0daydb
ATutor 2.2.4 CVE-2019-12169 - Remote Code Execution
2020-07-02 15:41:43
FTPShell Server 6.90 - Buffer Overflow
2020-07-02 15:44:35
Inductive Automation Ignition - Remote Code Execution
2020-06-28 01:09:34
packetstorm
packetstorm
ATutor 2.2.4 Directory Traversal / Remote Code Execution
2020-06-30 00:00:00
ATutor 2.2.4 Arbitrary File Upload / Command Execution
2019-08-05 00:00:00
metasploit
metasploit
ATutor 2.2.4 - Directory Traversal / Remote Code Execution,
2020-06-12 20:02:00
prion
prion
Directory traversal
2019-06-03 20:29:00
cvelist
cvelist
CVE-2019-12169
2019-06-03 20:00:28
nvd
nvd
CVE-2019-12169
2019-06-03 20:29:00
cve
cve
CVE-2019-12169
2019-06-03 20:29:00
githubexploit
githubexploit
Exploit for Path Traversal in Atutor
2019-05-24 05:15:17
Exploit for Unrestricted Upload of File with Dangerous Type in Atutor
2019-05-13 06:01:47