CVE-2012-5453

Publication date

2012-10-22 23:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167.