CVE-2005-3405
ATutor 1.4.1-1.5.1-pl1 - Remote Code Execution via Forum Parameter Injection
Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-3405. PoCs published by Andreas Sandblad.
AI-analyzed exploit summary: The provided text describes multiple vulnerabilities in ATutor, including arbitrary PHP command execution, local file inclusion, and cross-site scripting. It includes example URLs demonstrating the vulnerabilities but lacks executable exploit code.
Description
ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute arbitrary PHP functions via a direct request to forum.inc.php with a modified addslashes parameter with either the (1) asc or (2) desc parameters set, possibly due to an eval injection vulnerability.
Exploits (1)