Description
PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Mini Mail Dashboard Widget 'abspath' Parameter Remote File Include (1.36)
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.7.47)
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0703)
Oracle Application Server CVE-2006-3714 Vulnerability (CVE-2006-3714)
WordPress Plugin Migration, Backup, Staging-WPvivid Security Bypass (0.9.35)