2 matches found
CVE-2008-6052
The CVE-2008-6052 entry concerns the PreProjects Pre E-Learning Portal, where the web root improperly stores the database file db_elearning.mdb, leading to insufficient access control. This exposure can allow remote attackers to directly request the database and obtain passwords. The available so...
CVE-2010-0954
CVE-2010-0954 corresponds to a SQL injection vulnerability in the Pre Projects Pre E-Learning Portal, specifically in search_result.asp where the course_ID parameter can be exploited to execute arbitrary SQL commands. The connected documents confirm the vulnerability details and affected componen...