GCVE - cpe:2.3:a:adaptive_technology_resource_centre:atutor:1.5.1

Approved changes feed: RSS · Atom

cpe:2.3:a:adaptive_technology_resource_centre:atutor:1.5.1_pl2:*:*:*:*:*:*:*

part: a version: 1.5.1_pl2 update: *

Vendor	Adaptive Technology Resource Centre (`94088f96-8c62-59c6-b301-d7adf85e636d`)
Product	Atutor (`62bb5133-b69b-5c5f-b1d7-624741f12365`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/atutor/atutor_opencaps`	purl2cpe	2026-06-01 10:17:55.513444

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-3821`	vulnerable	2026-06-03 14:27:36.011988	Details available Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) lang parameter in (a) index_list.php and (2) year, (3) month, and (4) day parameter in (b) registration.php. Published: 2006-07-25T00:00:00.000Z Updated: 2024-08-07T18:48:39.219Z Open on db.gcve.eu Reference links http://www.osvdb.org/displayvuln.php?osvdb_id=28187 https://exchange.xforce.ibmcloud.com/vulnerabilities/27619 http://www.securityfocus.com/archive/1/439873/100/100/threaded http://www.securityfocus.com/archive/1/439522 http://secunia.com/advisories/21008	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-3484`	vulnerable	2026-06-03 14:27:35.214719	Details available Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) show_courses or (2) current_cat parameters to (a) admin/create_course.php, show_courses parameter to (b) users/create_course.php, (3) p parameter to (c) documentation/admin/, (4) forgot parameter to (d) password_reminder.php, (5) cat parameter to (e) users/browse.php, or the (6) submit parameter to admin/fix_content.php. Published: 2006-07-10T20:00:00.000Z Updated: 2024-08-07T18:30:33.915Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2006/2691 http://www.osvdb.org/27021 http://www.atutor.ca/view/3/8341/1.html http://secunia.com/advisories/20941 http://www.osvdb.org/27020	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-4155`	vulnerable	2026-06-03 14:27:12.296709	Details available registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a vulnerability in ATutor. Published: 2005-12-11T02:00:00.000Z Updated: 2024-08-07T23:38:51.228Z Open on db.gcve.eu Reference links http://securitytracker.com/alerts/2005/Nov/1015166.html http://rgod.altervista.org/atutor151pl2.html http://www.osvdb.org/20851 http://www.securityfocus.com/bid/15355/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Atutor

PURL mappings

Vulnerability references

Contribute