Description
TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by François SORIN · textwebappsphp
https://www.exploit-db.com/exploits/22819
References (1)
Core 1
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105638743109781&w=2
Scores
EPSS
0.0485
EPSS Percentile
89.6%
Details
Status
published
Products (1)
gero_kohnert/tutos
1.1
Published
Aug 07, 2003
Tracked Since
Feb 18, 2026