Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in the Assignment Dropbox, BasicLTI, Blog Post, Blog, Group Course Email, Course Alumni, Course Enrolment, Group Membership, Course unenrolment, Course Enrolment List Search, Glossary, Social Group Member Search, Social Friend Search, Social Group Search, File Comment, Gradebook Test Title, User Group Membership, Inbox/Sent Items, Sent Messages, Links, Photo Album, Poll, Social Application, Social Profile, Test, Content Menu, Auto-Login, and Gradebook components resulting in information disclosure, database modification, or potential code execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atutor多款组件SQL注入漏洞
Vulnerability Description
ATutor是ATutor团队开发的一套开源的基于Web的学习内容管理系统(LCMS)。该系统包括教学内容管理、论坛、聊天室等模块。Assignment Dropbox等都是其中的组件。Assignment Dropbox是一个任务分配组件。BasicLTI component是一个外部工具调用组件。 Atutor 2.2.1及之前的版本中的多款组件中存在SQL注入漏洞。远程攻击者可利用该漏洞获取信息、修改数据库或可能执行代码。以下组件受到影响:Assignment Dropbox;BasicLTI co
CVSS Information
N/A
Vulnerability Type
N/A