Vulnerabilities > CVE-2005-4155 - Unspecified vulnerability in Adaptive Technology Resource Centre Atutor 1.5.1Pl2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a vulnerability in ATutor.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | ATutor 1.5.1pl2 SQL Injection / Command Execution Exploit. CVE-2005-4155. Webapps exploit for php platform |
id | EDB-ID:1298 |
last seen | 2016-01-31 |
modified | 2005-11-07 |
published | 2005-11-07 |
reporter | rgod |
source | https://www.exploit-db.com/download/1298/ |
title | ATutor 1.5.1pl2 SQL Injection / Command Execution Exploit |