CVE-2007-0381

Description

Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: CVE analysis suggests that the vendor fixed these issues.

Affected products

• adaptive_technology_resource_centre / atutor1.5.3.2 – 1.5.3.2

References

• MISChttp://osvdb.org/34660
• MISChttp://www.atutor.ca/atutor/mantis/changelog_page.php
• MISChttp://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html
• VENDOR_ADVISORYhttp://www.hackers.ir/advisories/festival.txt