Unrated severityNVD Advisory· Published Sep 16, 2005· Updated Jun 16, 2026
CVE-2005-2955
CVE-2005-2955
Description
config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, .php4, or others.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- rgod.altervista.org/atutor151.htmlnvdExploitVendor Advisory
- marc.infonvd
News mentions
0No linked articles in our index yet.