7 matches found
ATutor SQL Injection (CVE-2016-2555)
An SQL injection vulnerability exists in ATutor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2016-2555
SQL injection vulnerability in include/lib/mysqlconnect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php...
CVE-2016-2555
SQL injection vulnerability in include/lib/mysqlconnect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php...
CVE-2016-2555
SQL injection vulnerability in include/lib/mysqlconnect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php...
ATutor 2.2.1 - SQL Injection / Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ATutor 2.2.1 SQL Injection / Remote Code Execution', 'Description' = %q This module exploits a SQL Injection vulnerability and an...
CVE-2016-2555
creationtimestamp| type| source ---|---|--- 2016-03-01 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39514 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/atutorsqli.rb 2018-05-29 15:50:33+00:00| seen|...
ATutor 2.2.1 SQL Injection / Remote Code Execution
This module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrator's interface where they can upload malicious code. This module requires Metasploit:...