Vendor Dictionary: ATutor

ATutor

Short Name:	[None Entered]
Previous Names:	[None Entered]
URL:	http://www.atutor.ca/index.php [visit link]
Email:	[None Entered]
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	http://www.atutor.ca/forums/index.php [visit link]
Notes:	http://www.atutor.ca/contact.php

Vulnerabilities by Vendor Product

ATutor

ATutor

ATutor: 1.4.3; OSVDB ID: 17353 ATutor content.php cid Parameter XSS; OSVDB ID: 17356 ATutor inbox/index.php view Parameter XSS; OSVDB ID: 17355 ATutor search.php Multiple Parameter XSS; OSVDB ID: 17354 ATutor send_message.php l Parameter XSS; OSVDB ID: 17359 ATutor directory.php Multiple Parameter XSS; OSVDB ID: 17352 ATutor contact.php subject Parameter XSS; OSVDB ID: 17351 ATutor browse.php show_course Parameter XSS; OSVDB ID: 17358 ATutor subscribe_forum.php us Parameter XSS; OSVDB ID: 17357 ATutor tile.php Multiple Parameter XSS; 1.5rc1; OSVDB ID: 17353 ATutor content.php cid Parameter XSS; OSVDB ID: 17356 ATutor inbox/index.php view Parameter XSS; OSVDB ID: 17355 ATutor search.php Multiple Parameter XSS; OSVDB ID: 17354 ATutor send_message.php l Parameter XSS; OSVDB ID: 17352 ATutor contact.php subject Parameter XSS; OSVDB ID: 17351 ATutor browse.php show_course Parameter XSS; OSVDB ID: 17358 ATutor subscribe_forum.php us Parameter XSS; OSVDB ID: 17357 ATutor tile.php Multiple Parameter XSS; 1.5 RC1; OSVDB ID: 17359 ATutor directory.php Multiple Parameter XSS; 1.5.1; OSVDB ID: 27023 ATutor admin/fix_content.php submit Parameter XSS; OSVDB ID: 27021 ATutor password_reminder.php forgot Parameter XSS; OSVDB ID: 27020 ATutor documentation/admin/index.php XSS; 1.5.3-RC2; OSVDB ID: 27023 ATutor admin/fix_content.php submit Parameter XSS; 1.5.3 RC2; OSVDB ID: 27021 ATutor password_reminder.php forgot Parameter XSS; OSVDB ID: 27020 ATutor documentation/admin/index.php XSS; 2.0; OSVDB ID: 68072 ATutor mods/_core/editor/edit_content_folder.php cid Parameter XSS; OSVDB ID: 68071 ATutor mods/_core/editor/delete_content.php cid Parameter XSS; 2.0.3; OSVDB ID: 81576 ATutor registration.php Multiple Parameter XSS; 2.1; OSVDB ID: 87547 ATutor ATutor/mods/_core/tool_manager/index.php tool_file Parameter Traversal Local File Inclusion

AContent: 1.0; OSVDB ID: 68068 AContent home/search.php search_text Parameter SQL Injection; OSVDB ID: 68067 AContent Multiple Admin Function CSRF; OSVDB ID: 68069 AContent home/search.php search_text Parameter XSS; OSVDB ID: 68066 AContent home/course/course_property.php copyright Parameter XSS; 1.1; OSVDB ID: 74463 AContent Multiple Script URI XSS; OSVDB ID: 74454 AContent /course_category/index.php category_name Parameter XSS; OSVDB ID: 74468 AContent /documentation/search.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74469 AContent /search.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74470 AContent /user/index_inline_editor_submit.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74472 AContent /updater/myown_patches_inline_editor_submit.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74471 AContent /user/user_group_inline_editor_submit.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74473 AContent /updater/patch_creator.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74477 AContent /oauth/authorization.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74478 AContent /oauth/register_consumer.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74480 AContent /home/ims/ims_import.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74475 AContent /tests/import_test.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74479 AContent /language/index_inline_editor_submit.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74474 AContent /updater/patch_edit.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74476 AContent /tests/question_import.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74481 AContent /home/search.php Multiple Unspecified Parameter SQL Injection; OSVDB ID: 74455 AContent /documentation/frame_header.php p Parameter XSS; OSVDB ID: 74457 AContent /register.php password_error Parameter XSS; OSVDB ID: 74456 AContent /documentation/frame_content.php p Parameter XSS; OSVDB ID: 74458 AContent /user/user_create_edit.php id Parameter XSS; OSVDB ID: 74459 AContent /updater/patch_edit.php myown_patch_id Parameter XSS; OSVDB ID: 74460 AContent /themes/default/login.tmpl.php Multiple Parameter XSS; OSVDB ID: 74461 AContent /themes/default/user/user_group_create_edit.tmpl.php id Parameter XSS; OSVDB ID: 74462 AContent /themes/default/language/language_add_edit.tmpl.php id Parameter XSS; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.1; 1.2; OSVDB ID: 86424 AContent user/index_inline_editor_submit.php field Parameter SQL Injection; OSVDB ID: 86428 AContent Multiple Script Authentication Weakness Multiple Functionality Manipulation; 1.2; OSVDB ID: 86425 AContent user/user_password.php id Parameter SQL Injection; 1.2; OSVDB ID: 86426 AContent file_manager/preview_top.php Multiple Parameter XSS; 1.2; OSVDB ID: 86427 AContent course_category/index_inline_editor_submit.php field Parameter SQL Injection; 1.2; 1.3; OSVDB ID: 91660 AContent /oauth/lti/common/tool_provider_outcome.php url Parameter Traversal Arbitrary File Access

AChecker: 1.2; OSVDB ID: 74413 AChecker updater/patch_edit.php myown_patch_id Parameter SQL Injection; OSVDB ID: 74414 AChecker user/user_create_edit.php id Parameter SQL Injection; OSVDB ID: 74415 AChecker themes/default/language/language_add_edit.tmpl.php id Parameter XSS; OSVDB ID: 74416 AChecker themes/default/user/user_group_create_edit.tmpl.php id Parameter XSS; OSVDB ID: 74417 AChecker documentation/frame_header.php p Parameter XSS; OSVDB ID: 74418 AChecker updater/patch_edit.php myown_patch_id Parameter XSS; OSVDB ID: 74419 AChecker user/user_create_edit.php id Parameter XSS; 1.2; 1.2; 1.2; 1.2; 1.2; 1.2

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.