CVE-2016-2539 in ATutorinformazioni

Riassunto

di MITRE

Cross-site request forgery (CSRF) vulnerability in install_modules.php in ATutor before 2.2.2 allows remote attackers to hijack the authentication of users for requests that upload arbitrary files and execute arbitrary PHP code via vectors involving a crafted zip file.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Prenotare

23/02/2016

Divulgazione

07/02/2017

Moderazione

accettato

CPE

pronto

Sfruttamento

Scaricare

EPSS

0.04254

KEV

no

Attività

molto basso

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!