Adaptive Technology Resource Centre Atutor — known CVE vulnerabilities
Every CVE whose affected-product data names Adaptive Technology Resource Centre Atutor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2007-0381 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary SQL commands via unspecified…
CVE-2005-2954 — CVSS 7.5 (high): SQL injection vulnerability in password_reminder.php in ATutor before 1.5.1 pl1 allows remote attackers to execute arbitrary SQL commands…
CVE-2005-3404 — CVSS 7.5 (high): Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to include arbitrary files via the…
CVE-2005-4155 — CVSS 7.5 (high): registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL…
CVE-2006-3662 — CVSS 7.5 (high): SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter…
CVE-2006-5734 — CVSS 7.5 (high): Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary PHP code via a URL in the…
CVE-2006-3996 — CVSS 6.5 (medium): SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and earlier allows remote authenticated users to execute arbitrary SQL…
CVE-2005-2956 — CVSS 5.0 (medium): ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and…
CVE-2005-2955 — CVSS 4.6 (medium): config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which…
CVE-2005-3403 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to inject arbitrary web script…
CVE-2005-2649 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course…
CVE-2005-2044 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.3 and 1.5 RC 1 allow remote attackers to inject arbitrary web script or…
CVE-2006-3821 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the…
CVE-2006-3484 — CVSS 2.6 (low): Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 1.5.3 allow remote attackers to inject arbitrary web script or HTML…