3 matches found
CVE-2014-1217
Livetecs Timelive prior to version 6.2.8 has an unauthenticated access flaw in systemsetting.aspx that enables remote attackers to alter configurations and disclose the database connection string and credentials. The vulnerability affects Timelive 6.2.71 and similar build variants; fixed in 6.2.8...
CVE-2014-1217
Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors...
Livetecs Timelive 6.2.71 Unauthenticated Access / File Upload Vulnerabilities
Exploit for php platform in category web applications Vulnerability title: Unauthenticated access to sensitive information and functionality in Livetecs Timelive CVE: CVE-2014-1217 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.2.8 Reported by: Richard Hatch Details:...