Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Atutor Multiple Vulnerabilities
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is running Atutor and is prone to information disclosure, SQL injection, and cross site scripting vulnerabilities.
Insight
Insight
Multiple flaws are due to an, - Input passed to the 'lang' parameter in '/documentation/index_list.php' is not properly sanitised before being returned to the user. - Input passed to the 'p_course', 'name' and 'value' parameters in '/mods/_standard/social/set_prefs.php' scripts is not properly sanitised before being used in SQL queries. - Input passed via the 'search_friends_HASH' POST parameter, where HASH is the value generated by the 'rand_key' parameter, to the '/mods/_standard/social/index_public.php' script is not properly sanitised before being returned to the user.
Affected Software
Affected Software
ATutor version 2.0.2
Solution
Solution
Upgrade to ATutor version 2.0.3 or later.