Posted by Egidio Romano on Nov 04

—————————————————————
ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability
—————————————————————

[-] Software Link:

http://www.atutor.ca/

[-] Affected Versions:

Version 2.2 and prior versions.

[-] Vulnerability Description:

The vulnerable code is located in the /mods/_standard/gradebook/edit_marks.php script:

54. if…