Posted by Egidio Romano on Nov 04

————————————————————————-
ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability
————————————————————————-

[-] Software Link:

http://www.atutor.ca/

[-] Affected Versions:

Version 2.2 and prior versions.

[-] Vulnerability Description:

User input passed through the “customicon” when creating a new course is…