[KIS-2015-06] ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability CVE-2014-9753