Improper access control

2009-07-2319:30:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.6%

JSON

Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request.

References

secunia.com/advisories/33018

www.osvdb.org/50524

exchange.xforce.ibmcloud.com/vulnerabilities/47108

www.exploit-db.com/exploits/7348