bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/11685.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

17 lines
No EOL
783 B
Text
Raw Blame History

Topic : ATutor 1.6.4
Bugs Type : Cross Site Scripting (all of them)
Credit : ItSecTeam
Remote : Yes
Status : Bug
# mail : Bug@ItSecTeam.com
# Dork : "ATutor 1.6.4"
#Special Tnx : am!rkh@n, Amin Shokohi(Pejvak), C0M0D0, 0xd41684c654, r3dmove And All It Security Team Members
#Website : WwW.ITSecTeam.com
########################## Exploit #############################
the bugs can be explited as below:
#1: After logging in as an instructor go to manage section and add a poll and inject your XSS code as a questaion or choices.
#2: After logging in as an instructor go to manage section and Create a new Group and inject your XSS code as title or group type.
#3: After logging in as an instructor go to manage section and Add an Assignment with XSS code as title.
Reference in a new issue View git blame Copy permalink