srcincite | Steven Seeley of Source Incite | SRC-2017-0004
History: Dec 10, 2016 - 12:00 a.m.

SRC-2017-0004 : AContent Directory Traversal Information Disclosure and Remote Code Execution Vulnerabilities


AI Score: 8.3 (Confidence: Low)

Vulnerability Details:

These vulnerabilities allow remote attackers to disclose information or execute arbitrary code on vulnerable installations of AContent. Authentication is required to exploit the remote code execution vulnerabilities; however, account registration is open by default.

The tool_provider_outcome.php script allows a remote attacker to use a directory traversal in the url parameter to disclose information. The question_import.php, ims_import.php and import_test.php scripts allow a remote attacker to upload a specially crafted zip file whose entries contain directory traversals. An attacker could leverage this to execute arbitrary code under the context of the web server.
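The check that closes the zip import issue described above is to resolve every entry name against the extraction directory before writing anything, and to reject the whole upload if any entry lands outside it. The following is an added example in Python, not AContent's PHP code and not taken from the advisory; the function names, the /srv/acontent/import path and the sample archives are constructed for illustration, and POSIX paths are assumed.

```python
import io
import posixpath
import zipfile


def escaping_entries(zip_bytes, dest):
    """Return the stored names of entries that would be written outside dest."""
    dest = posixpath.normpath(dest)
    bad = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # Treat Windows separators as separators before resolving.
            name = info.filename.replace("\\", "/")
            absolute = name.startswith("/") or name[1:2] == ":"
            # Lexically resolve ".." segments relative to the destination.
            resolved = posixpath.normpath(posixpath.join(dest, name))
            # Compare with a trailing slash so /x/import_evil != /x/import.
            if absolute or not (resolved + "/").startswith(dest + "/"):
                bad.append(info.filename)
    return bad


def extract_upload(zip_bytes, dest):
    """Extract only if every entry stays inside dest; else reject the upload."""
    bad = escaping_entries(zip_bytes, dest)
    if bad:
        raise ValueError("rejected upload, entries escape %s: %r" % (dest, bad))
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        zf.extractall(dest)
        return sorted(zf.namelist())


def build_sample(names):
    """Constructed test archive: one small text member per name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, "constructed sample content")
    return buf.getvalue()


# Constructed inputs: a normal content package and one with traversal names.
CLEAN = build_sample(["imsmanifest.xml", "resources/page1.html"])
CRAFTED = build_sample(
    ["imsmanifest.xml", "../../outside.txt", "resources/../../up.txt"]
)

if __name__ == "__main__":
    # Hypothetical extraction directory; nothing is written by this audit call.
    print(escaping_entries(CRAFTED, "/srv/acontent/import"))
```

Rejecting the whole archive, rather than skipping the bad entries, keeps a partially extracted package from reaching the import logic.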

Affected Vendors:

ATutor

Affected Products:

AContent

Vendor Response:

ATutor has issued two updates to correct these vulnerabilities. More details can be found at:
