Intrusion Prevention

ATutor.MOD.PHP.ZIP.File.Upload.Directory.Traversal

Description

This indicates an attack attempt to exploit a Directory Traversal vulnerability in ATutor.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to upload an arbitrary file onto a vulnerable system leading to further attacks.

Affected Products

ATutor 2.2.1 and prior version

Impact

Security Bypass: Remote attackers can bypass security features of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
http://www.atutor.ca/

Other References

SRC-2016-11