RSS   Podatności dla 'Teamworx server'   RSS

2008-12-16
 
CVE-2008-5600

CWE-264
 

 
Merlix Teamworx Server stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for teamworx.mdb.

 
 
CVE-2008-5599

CWE-89
 

 
SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. NOTE: some of these details are obtained from third party information.

 

 >>> Vendor: Merlix 2 Produkty
Teamworx server
Educate server


Copyright 2024, cxsecurity.com

 

Back to Top