Lucene search
K

7 matches found

Check Point Advisories
Check Point Advisories
added 2020/08/24 12:0 a.m.3 views

ATutor SQL Injection (CVE-2016-2555)

An SQL injection vulnerability exists in ATutor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.5AI score0.79622EPSS
Exploits7
NVD
NVD
added 2017/04/13 2:59 p.m.20 views

CVE-2016-2555

SQL injection vulnerability in include/lib/mysqlconnect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php...

9.8CVSS9.9AI score0.79622EPSS
Exploits7References5
OSV
OSV
added 2017/04/13 2:59 p.m.17 views

CVE-2016-2555

SQL injection vulnerability in include/lib/mysqlconnect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php...

9.8CVSS8.7AI score
Exploits0References5
Cvelist
Cvelist
added 2017/04/13 2:0 p.m.25 views

CVE-2016-2555

SQL injection vulnerability in include/lib/mysqlconnect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php...

10AI score0.79622EPSS
Exploits7References5
Exploit DB
Exploit DB
added 2016/03/01 12:0 a.m.56 views

ATutor 2.2.1 - SQL Injection / Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ATutor 2.2.1 SQL Injection / Remote Code Execution', 'Description' = %q This module exploits a SQL Injection vulnerability and an...

9.8CVSS7.4AI score0.79622EPSS
Exploits7
Circl
Circl
added 2016/03/01 12:0 a.m.30 views

CVE-2016-2555

creationtimestamp| type| source ---|---|--- 2016-03-01 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39514 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/atutorsqli.rb 2018-05-29 15:50:33+00:00| seen|...

9.8CVSS8.6AI score0.79622EPSS
Exploits7References3
Metasploit
Metasploit
added 2016/02/29 8:59 p.m.40 views

ATutor 2.2.1 SQL Injection / Remote Code Execution

This module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrator's interface where they can upload malicious code. This module requires Metasploit:...

9.8CVSS1AI score0.79622EPSS
Exploits7
Rows per page
Query Builder