Every CVE whose affected-product data names Atutor Acontent, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-10557 — CVSS 8.8 (high): An issue was discovered in AContent through 1.4. It allows the user to run commands on the server with a low-privileged account. The upload…
CVE-2012-5167 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in ATutor AContent before 1.2-1 allow remote attackers to execute arbitrary SQL commands via the (1)…
CVE-2012-5168 — CVSS 7.5 (high): ATutor AContent before 1.2-1 allows remote attackers to modify arbitrary user passwords or category names via a direct request to (1)…
CVE-2012-5453 — CVSS 6.5 (medium): SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute…
CVE-2012-5454 — CVSS 6.5 (medium): user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not properly restrict access, which allows remote authenticated users to…
CVE-2012-5169 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in file_manager/preview_top.php in ATutor AContent before 1.2-2 allow remote attackers…