ATutor

ATutor is an Open Source Web-based Learning Management System (LMS) used to develop and deliver online courses. Administrators can install or update ATutor in minutes develop custom themes to give ATutor a new look and easily extend its functionality with feature modules. Educators can quickly assemble package and redistribute Web-based instructional content easily import prepackaged content

Severity Summary:

Critical: 6 High: 7 Medium: 13 Low: 2
Reference
Title
Severity
ATutor Incorrect Authorization Vulnerability
Critical
ATutor Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
ATutor Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
ATutor Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
ATutor Improper Privilege Management Vulnerability
Critical
ATutor Improper Authentication Vulnerability
Critical
ATutor Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability
High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability
High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability
High
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
ATutor Improper Control of Generation of Code (Code Injection) Vulnerability
Medium
ATutor Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
ATutor Other Vulnerability
Medium
ATutor Other Vulnerability
Medium
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Low
ATutor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Low