8 matches found
CVE-2008-6871
Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request...
CVE-2008-6870
Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to 1 config.asp and 2 users.asp...
Information disclosure
Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to 1 config.asp and 2 users.asp...
Improper access control
Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request...
CVE-2008-6871
Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request...
CVE-2008-6870
CVE-2008-6870 : Merlix Educate Server permits remote information disclosure by bypassing security restrictions via direct requests to (1) config.asp and (2) users.asp. The NVD records an network-exposed vulnerability with a base score of 5.0 (Medium) and partial confidentiality impact, with no au...
CVE-2008-6871
CVE-2008-6871 affects Merlix Educate Server, which stores db.mdb under the web root with insufficient access control, enabling remote attackers to obtain unspecified sensitive information via a direct request. The NVD entry documents a MEDIUM-severity issue (CVSSv2: AV:N/AC:L/Au:N/C:P/I:N/A:N) wi...
CVE-2008-6870
Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to 1 config.asp and 2 users.asp...