5 matches found
CVE-2012-5169
CVE-2012-5169 affects ATutor AContent (ATutor) prior to/including 1.2-2, specifically the file_manager/preview_top.php XSS via GET parameters pathext, popup, framed, or file. The flaw stems from improper sanitisation of user-controlled input returned to the browser, enabling arbitrary script exec...
ATutor 1.2 - Multiple Vulnerabilities
Advisory ID: HTB23117 Product: AContent Vendor: ATutor Vulnerable Versions: 1.2 and probably prior Tested Version: 1.2 Vendor Notification: September 26, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Improper Authentication CWE-287, Cross-Site Scripting CWE-79...
ATutor 1.2 - Multiple Vulnerabilities
ATutor 1.2 - Multiple Vulnerabilities Advisory ID: HTB23117 Product: AContent Vendor: ATutor Vulnerable Versions: 1.2 and probably prior Tested Version: 1.2 Vendor Notification: September 26, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Improper Authenticatio...
Multiple vulnerabilities in AContent
Advisory ID: HTB23117 Product: AContent Vendor: ATutor Vulnerable Versions: 1.2 and probably prior Tested Version: 1.2 Vendor Notification: September 26, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Improper Authentication CWE-287, Cross-Site Scripting CWE-79...
ATutor AContent 1.2 XSS / Authentication / SQL Injection
Advisory ID: HTB23117 Product: AContent Vendor: ATutor Vulnerable Versions: 1.2 and probably prior Tested Version: 1.2 Vendor Notification: September 26, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Improper Authentication CWE-287, Cross-Site Scripting CWE-79...