RSS   Vulnerabilities for 'Educate server'   RSS

2009-07-23
 
CVE-2008-6871

 

 
Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request.

 
 
CVE-2008-6870

 

 
Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to (1) config.asp and (2) users.asp.

 

 >>> Vendor: Merlix 2 Products
Teamworx server
Educate server


Copyright 2024, cxsecurity.com

 

Back to Top