Merlix Educate Server allows remote attackers to bypass intended security restrictions and obtain sensitive information via a direct request to (1) config.asp and (2) users.asp.
References
Configurations
History
No history.
Information
Published : 2009-07-23 19:30
Updated : 2024-02-28 11:21
NVD link : CVE-2008-6870
Mitre link : CVE-2008-6870
CVE.ORG link : CVE-2008-6870
JSON object : View
Products Affected
merlix
- educate_server
CWE
CWE-264
Permissions, Privileges, and Access Controls