Description
PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Social LikeBox & Feed Cross-Site Scripting (2.8.4)
WordPress Plugin Avenir-soft Direct Download Multiple Vulnerabilities (1.0)
Play Framework Improper Input Validation Vulnerability (CVE-2015-2156)
WordPress Plugin Breadcrumb NavXT Information Disclosure (6.1.0)
Oracle Application Server CVE-2007-3854 Vulnerability (CVE-2007-3854)