CVE-2005-4155 in ATutorinfo

Summary

registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a vulnerability in ATutor.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

12/11/2005

Disclosure

12/10/2005

Moderation

VulDB entry created

Entries

1: VDB-27409

CPE

ready

CWE

CWE-185 (Unconfirmed)

Exploit

Download

CVSS

7.3

EPSS

0.03174

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-4155
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-4155
CVE Details	https://www.cvedetails.com/cve/CVE-2005-4155/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!