Educate Server
by Merlix
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-6871 | 0.03 | — | 0.05 | Jul 23, 2009 | Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request. | ||
| CVE-2008-6870 | 0.03 | — | 0.02 | Jul 23, 2009 | Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to (1) config.asp and (2) users.asp. |
- CVE-2008-6871Jul 23, 2009risk 0.03cvss —epss 0.05
Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request.
- CVE-2008-6870Jul 23, 2009risk 0.03cvss —epss 0.02
Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to (1) config.asp and (2) users.asp.