Lucene search
K

8 matches found

NVD
NVD
added 2009/07/23 7:30 p.m.17 views

CVE-2008-6871

Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request...

5CVSS6.3AI score0.02459EPSS
Exploits1References4
NVD
NVD
added 2009/07/23 7:30 p.m.16 views

CVE-2008-6870

Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to 1 config.asp and 2 users.asp...

5CVSS6.3AI score0.02728EPSS
Exploits0References2
Prion
Prion
added 2009/07/23 7:30 p.m.15 views

Information disclosure

Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to 1 config.asp and 2 users.asp...

5CVSS6.8AI score0.02728EPSS
Exploits0References2
Prion
Prion
added 2009/07/23 7:30 p.m.15 views

Improper access control

Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request...

5CVSS6.8AI score0.02459EPSS
Exploits1References4
Cvelist
Cvelist
added 2009/07/23 7:0 p.m.27 views

CVE-2008-6871

Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request...

6.3AI score0.02459EPSS
Exploits1References4
CVE
CVE
added 2009/07/23 7:0 p.m.51 views

CVE-2008-6870

CVE-2008-6870 : Merlix Educate Server permits remote information disclosure by bypassing security restrictions via direct requests to (1) config.asp and (2) users.asp. The NVD records an network-exposed vulnerability with a base score of 5.0 (Medium) and partial confidentiality impact, with no au...

5CVSS6.5AI score0.02728EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2009/07/23 7:0 p.m.53 views

CVE-2008-6871

CVE-2008-6871 affects Merlix Educate Server, which stores db.mdb under the web root with insufficient access control, enabling remote attackers to obtain unspecified sensitive information via a direct request. The NVD entry documents a MEDIUM-severity issue (CVSSv2: AV:N/AC:L/Au:N/C:P/I:N/A:N) wi...

5CVSS6.4AI score0.02459EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/07/23 7:0 p.m.19 views

CVE-2008-6870

Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to 1 config.asp and 2 users.asp...

6.3AI score0.02728EPSS
Exploits0References2
Rows per page
Query Builder