50 matches found
EUVD-2008-5574
Malware in sbrugna...
EUVD-2008-5575
Malware in sbrugna...
asp autodealer (sql/dd) Multiple Vulnerabilities
No description provided by source. -----------------------------OffensiveTrack------------------------------ ---------------------------- Tunisia Muslim ------------------------------ found by : OffensiveTrack Author : AlpHaNiX website : www.offensivetrack.org contact : AlpHaATHACKERDOTBZ script ...
template creature (sql/dd) Multiple Vulnerabilities
No description provided by source. ASP Template Creature DD/SQL Multiple Remote Vuln. ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Home: www.z0rlu.blogspot.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA :...
merlix educate servert (bypass/dd) Multiple Vulnerabilities
No description provided by source. Merlix Educate Servert Bypass/DD Multiple Remote Vuln ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Home: www.z0rlu.blogspot.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA :...
CVE-2008-6870
Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to 1 config.asp and 2 users.asp...
CVE-2008-6871
Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request...
Improper access control
Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request...
Information disclosure
Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to 1 config.asp and 2 users.asp...
CVE-2008-6871
Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request...
CVE-2008-6871
CVE-2008-6871 affects Merlix Educate Server, which stores db.mdb under the web root with insufficient access control, enabling remote attackers to obtain unspecified sensitive information via a direct request. The NVD entry documents a MEDIUM-severity issue (CVSSv2: AV:N/AC:L/Au:N/C:P/I:N/A:N) wi...
CVE-2008-6870
Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to 1 config.asp and 2 users.asp...
CVE-2008-6870
CVE-2008-6870 : Merlix Educate Server permits remote information disclosure by bypassing security restrictions via direct requests to (1) config.asp and (2) users.asp. The NVD records an network-exposed vulnerability with a base score of 5.0 (Medium) and partial confidentiality impact, with no au...
CVE-2008-5599
SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter aka passwd field in a login action. NOTE: some of these details are obtained from third party information...
CVE-2008-5600
Merlix Teamworx Server stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for teamworx.mdb...
Sql injection
SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter aka passwd field in a login action. NOTE: some of these details are obtained from third party information...
Improper access control
Merlix Teamworx Server stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for teamworx.mdb...
CVE-2008-5599
CVE-2008-5599 describes an SQL injection vulnerability in Merlix Teamworx Server, triggered through the password parameter (passwd) in the login action on default.asp. The vulnerable component is the login routine, allowing remote attackers to inject arbitrary SQL commands. The core details provi...
CVE-2008-5600
CVE-2008-5600 affects Merlix Teamworx Server, where sensitive data is stored under the web root with insufficient access control. This allows remote attackers to download the database file (teamworx.mdb) via a direct request. The NVD notes a Medium severity (CVSS v2 base score 5.0, vector AV:N/AC...
CVE-2008-5600
Merlix Teamworx Server stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for teamworx.mdb...