530 matches found
EUVD-2012-5373
Malware in sbrugna...
EUVD-2006-3815
Malware in sbrugna...
EUVD-2017-15540
Malware in sbrugna...
EUVD-2012-5090
Malware in sbrugna...
EUVD-2017-1340
Malware in sbrugna...
EUVD-2006-3479
Malware in sbrugna...
EUVD-2017-6457
Malware in sbrugna...
EUVD-2005-3403
Malware in sbrugna...
EUVD-2019-16717
Malware in sbrugna...
EUVD-2005-4150
Malware in sbrugna...
EUVD-2021-30429
Malicious code in bioql PyPI...
EUVD-2024-0577
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2023-27008
A Cross-site scripting XSS vulnerability in the function encryptpassword in login.tmpl.php in ATutor 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter...
Exploit for Cross-site Scripting in Atmail
AWAE/OSWE Preparation for coming AWAE Training. Work in progress... Atmail Mail Server Appliance: from XSS to RCE 6.4 CVE-2012-2593 - https://www.exploit-db.com/exploits/20009 - https://github.com/sourceincite/poc/blob/master/SRC-2016-0012.py ATutor Authentication Bypass and RCE 2.2.1 CVE-2016-25...
CVE-2023-27008
A Cross-site scripting XSS vulnerability in the function encryptpassword in login.tmpl.php in ATutor 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter...
CVE-2021-43498
An Access Control vulnerability exists in ATutor 2.2.4 in passwordreminder.php when the g, id, h, formpasswordhidden, and formchange HTTP POST parameters are set...
CVE-2011-3706
ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by users/toolsettings.inc.php and certain other files...
CVE-2019-12170
ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/core/backups/upload.php aka backup component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PH...
CVE-2019-12169
ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code execution via a ".." pathname in a ZIP archive to the mods/core/languages/languageimport.php aka Import New Language or mods/standard/patcher/indexadmin.php aka Patcher component...
CVE-2017-14981
Cross-Site Scripting XSS was discovered in ATutor before 2.2.3. The vulnerability exists due to insufficient filtration of data url in /mods/standard/rssfeeds/editfeed.php. An attacker could inject arbitrary HTML and script code into a browser in the context of the vulnerable website...