Educate Server Security Vulnerabilities and Issues — Educate Server CVE List

Lucene search

MerlixEducate Server

2 matches found

CVE•added 2009/07/23 7:30 p.m.•39 views

CVE-2008-6870

Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to (1) config.asp and (2) users.asp.

5CVSS6.5AI score0.02002EPSS

CVE•added 2009/07/23 7:30 p.m.•39 views

CVE-2008-6871

Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request.

5CVSS6.4AI score0.02835EPSS