VYPR
Unrated severityNVD Advisory· Published Aug 5, 2006· Updated Jun 16, 2026

CVE-2006-3996

CVE-2006-3996

Description

SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the (1) desc or (2) asc parameters.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Atutor/Atutor2 versions
    cpe:2.3:a:adaptive_technology_resource_centre:atutor:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:adaptive_technology_resource_centre:atutor:*:*:*:*:*:*:*:*range: <=1.5.3.1
    • (no CPE)range: <=1.5.3.1

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.