ATutor 1.x - 'print.php?section' Remote File Inclusion
| EKU-ID: 31748 | CVE: CVE-2005-3404;OSVDB-20346 | OSVDB-ID: |
| Author: Andreas Sandblad | Published: 2005-10-27 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31748 | CVE: CVE-2005-3404;OSVDB-20346 | OSVDB-ID: |
| Author: Andreas Sandblad | Published: 2005-10-27 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/15221/info ATutor is prone to multiple vulnerabilities. These issues can allow remote attackers to execute arbitrary PHP commands and carry out local file include and cross-site scripting attacks. ATutor 1.5.1-pl1 and prior versions are affected. http://www.example.com/documentation/common/print.php?section=[file]%00