Posted by Egidio Romano on Nov 04
———————————————————————-
ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability
———————————————————————-
[-] Software Link:
[-] Affected Versions:
Version 2.2 and prior versions.
[-] Vulnerability Description:
The vulnerable code is located in the /confirm.php script:
140. if…