| Max CVSS | 6.5 | Min CVSS | 6.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-5453 | 6.5 |
SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for
|
11-04-2013 - 03:31 | 22-10-2012 - 23:55 | |
| CVE-2012-5454 | 6.5 |
user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not properly restrict access, which allows remote authenticated users to modify arbitrary user passwords via a crafted request. NOTE: this might be due to an incomplete fix for CVE-20
|
11-04-2013 - 03:31 | 22-10-2012 - 23:55 |