ATutor 2.2 SQLi Vulnerability

In ATutor Lesson Management System version 2.2 and most likely earlier ones, two SQL injection vulnerabilities exist in these two files: “mods/_standard/assignments/add_assignment.php“ (Line 247) and the variable $assign_to “mods/_standard/links/tools/edit.php” on line 64 The problem is that the string parameters are […]