Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2026/01/09 10:9 a.m.10 views

CVE-2019-11446

An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only lists lowercase a...

8.8CVSS7.3AI score0.07948EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2021/11/22 12:0 a.m.3 views

PT-2022-11301 · Alt Linux · Alt Linux

Name of the Vulnerable Software and Affected Versions: ALT Linux affected versions not specified Description: The issue is related to insufficient capability checks, allowing teachers to download users outside of their courses. This suggests a problem with access control or permissions within the...

9.8CVSS5.6AI score0.02383EPSS
Exploits0References25
osv
osv
added 2019/04/22 11:29 a.m.15 views

CVE-2019-11446

An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only lists lowercase a...

8.8CVSS7.2AI score
Exploits0References2
exploitdb
exploitdb
added 2019/04/12 12:0 a.m.60 views

ATutor < 2.2.4 - 'file_manager' Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ATutor %q This module allows the user to run commands on the server with teacher user privilege. The 'Upload files' section in the 'File Manager'...

7.4AI score
Exploits0
Rows per page
Query Builder