Vulnerabilities

CVE-2005-4155

by Fred · 10/12/2005

registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a vulnerability in ATutor.

Date published : 2005-12-10

http://www.securityfocus.com/bid/15355/

http://rgod.altervista.org/atutor151pl2.html

Similar

Tags: Cybersecurity Alert