TTCSIRT-347.08.28.20: TT-CSIRT ADVISORY

TTCSIRT-347.08.28.20: TT-CSIRT ADVISORY – Atutor SQL Injection

By
September 22, 2020

An SQL injection vulnerability exists in ATutor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system.

This module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrator’s interface where they can upload malicious code.

Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands.

For further information and support foe solution, please visit the following link:
https://www.checkpoint.com/defense/advisories/public/2020/cpai-2016-0977.html

If you have any queries or comments with regards to this advisory, please feel free to contact TTCSIRT via contacts@ttcsirt.gov.tt

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

TTCSIRT-347.08.28.20: TT-CSIRT ADVISORY – Atutor SQL Injection

TTCSIRT-347.08.28.20: TT-CSIRT ADVISORY – Atutor SQL Injection

Quick Navigation

Partner Agencies

Subscribe to Stay Updated!

Follow on social media: