NVD List
| Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 87544 | CVE-2017-1000004 | ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Assignment Dropbox component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and older are vulnerable to a SQL injection in the BasicLTI component resulting in information disclosure, database modification or potential code execution. ATutor version 2.2.1 and older is vulnerable to a SQL injection vulnerability in the Blog Post component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Blog component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection in the Group Course Email component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Course Alumni component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Course Enrolment component resulting in information disclosure, database modification or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Group Membership component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Course unenrolment component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL Injection vulnerability in the Course Enrolment List Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Glossary component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection in the Social Group Member Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Social Friend Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Social Group Search component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the File Comment component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Gradebook Test Title component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the User Group Membership component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Inbox/Sent Items component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL injection vulnerability in the Sent Messages component resulting in information disclosure, database modification, or potential code execution. ATutor versions 2.2.1 and earlier are vulnerable to a SQL in | 2017-07-18 | 2017-07-17 | View | ||||
| 87543 | CVE-2017-1000003 | ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation. | 2017-07-18 | 2017-07-17 | View | ||||
| 87542 | CVE-2017-1000002 | ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component resulting in information disclosure. | 2017-07-18 | 2017-07-17 | View | ||||
| 87541 | CVE-2017-1000001 | FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on. | 2017-07-18 | 2017-07-17 | View | ||||
| 87228 | CVE-2017-0897 | ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy. Successfully guessing the token can lead to remote code execution. | 2 | 5 | Medium | 2017-07-18 | 2017-07-06 | View |
Page 858 of 17672, showing 5 records out of 88360 total, starting on record 4286, ending on 4290
