17 Juil 2017
CVE-2017-1000004 - CVE Vulnerability
ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Assignment Dropbox component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and older are vulnerable to a SQL injection in the BasicLTI component resulting in information disclosure, database modification or potential code execution. ATutor version 2.2.1 and older is vulnerable to a SQL injection vulnerability in the Blog Post component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Blog component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection in the Group Course Email component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Course Alumni component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Course Enrolment component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Group Membership component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Course unenrolment component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL Injection vulnerability in the Course Enrolment List Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Glossary component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection in the Social Group Member Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Social Friend Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Social Group Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the File Comment component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Gradebook Test Title component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the User Group Membership component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Inbox/Sent Items component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Sent Messages component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL in (CVSS:0.0) (Last Update:2017-07-17)
Vulnerability Details : ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Assignment Dropbox component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and older are vulnerable to a SQL injection in the BasicLTI component resulting in information disclosure, database modification or potential code execution. ATutor version 2.2.1 and older is vulnerable to a SQL injection vulnerability in the Blog Post component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Blog component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection in the Group Course Email component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Course Alumni component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Course Enrolment component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Group Membership component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Course unenrolment component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL Injection vulnerability in the Course Enrolment List Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Glossary component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection in the Social Group Member Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Social Friend Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Social Group Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the File Comment component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Gradebook Test Title component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the User Group Membership component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Inbox/Sent Items component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Sent Messages component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL in Publish Date : 2017-07-17 Last Update Date : 2017-07-17 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-1000004
- References For CVE-2017-1000004
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-1000004There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |