CVE-2016-2555

Exploitation Summary

EIP tracks 6 public exploits for CVE-2016-2555. PoCs published by Metasploit, shadofren, maximilianmarx, including Metasploit module exploits/linux/http/atutor_filemanager_traversal.

AI-analyzed exploit summary This Metasploit module exploits a SQL injection vulnerability (CVE-2016-2555) in ATutor 2.2.1, allowing authentication bypass and remote code execution via malicious plugin upload. It leverages a SQLi in the social connections search feature to extract admin credentials and uploads a PHP payload.

Description

SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.

Exploits (6)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotephp

https://www.exploit-db.com/exploits/39514

View Code ZIP pw:eip

This Metasploit module exploits a SQL injection vulnerability (CVE-2016-2555) in ATutor 2.2.1, allowing authentication bypass and remote code execution via malicious plugin upload. It leverages a SQLi in the social connections search feature to extract admin credentials and uploads a PHP payload.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ATutor 2.2.1

Auth required

Prerequisites: Valid student account credentials · Remote registration enabled (default) · Access to the login page

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 3 stars

by shadofren · poc

https://github.com/shadofren/CVE-2016-2555

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2016-2555, targeting ATutor. The exploit demonstrates an authentication bypass via type juggling, password reset, and arbitrary file upload leading to remote code execution.

Classification

Working Poc 95%

Attack Type

Auth Bypass | Rce

Complexity

Moderate

Reliability

Reliable

Target: ATutor (version not specified)

No auth needed

Prerequisites: Access to the target ATutor instance · Ability to send HTTP requests to the target

MITRE ATT&CK

T1110 - Brute Force T1068 - Exploitation for Privilege Escalation T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

nomisec WORKING POC 1 stars

by maximilianmarx · poc

https://github.com/maximilianmarx/atutor-blind-sqli

View Code ZIP pw:eip

This repository contains a functional Python script that exploits a blind SQL injection vulnerability in ATutor v2.2.1 (CVE-2016-2555). The script automates the enumeration and dumping of the underlying database by leveraging content-length differences in HTTP responses.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: ATutor v2.2.1

No auth needed

Prerequisites: Network access to the target ATutor instance · Python 3.x environment

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

nomisec WORKING POC

by HussainFathy · poc

https://github.com/HussainFathy/CVE-2016-2555

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2016-2555, targeting ATutor 2.2.1. It combines SQL injection to extract credentials and a pass-the-hash attack to bypass authentication, followed by a ZIP file upload to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ATutor 2.2.1

No auth needed

Prerequisites: Network access to the target ATutor instance · ATutor 2.2.1 running on the target

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1078 - Valid Accounts

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/atutor_filemanager_traversal.rb

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal vulnerability in ATutor 2.2.1, allowing remote code execution by uploading a malicious ZIP file. It also includes authentication bypass techniques via type juggling and TOCTOU vulnerabilities.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ATutor 2.2.1

Auth required

Prerequisites: display_errors set to On in PHP · Apache/PHP setup · student account credentials or ability to bypass authentication

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Apr 22, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/atutor_sqli.rb

View Code ZIP pw:eip

This Metasploit module exploits a SQL injection vulnerability (CVE-2016-2555) in ATutor 2.2.1 to bypass authentication, dump administrator credentials, and achieve remote code execution by uploading a malicious PHP plugin.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: ATutor 2.2.1

No auth needed

Prerequisites: Network access to the target ATutor instance

MITRE ATT&CK