SRC-2016-0018 : ATutor LMS view_transcript File Disclosure Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability may allow remote attackers to execute arbitrary code on vulnerable installations of ATutor. Authentication is required to exploit this vulnerability however authentication bypass vulnerabilities are known and remote registration is open by default. The...