Authentication Bypass Vulnerability in ATutor by Atutor
CVE-2014-9753

9.8CRITICAL

Key Information:

Vendor: Atutor
Status: Atutor
Vendor: CVE Published:; 11 February 2020

What is CVE-2014-9753?

The vulnerability in ATutor allows a remote attacker to bypass authentication mechanisms by manipulating the auto_login parameter in the confirm.php file. This exploitation can lead to unauthorized access as an existing user, posing significant risks to user accounts and sensitive information. Users of ATutor 2.2 and earlier should apply security patches promptly to mitigate this threat.