CVE-2008-6871

Опубликовано: 23 июл. 2009

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Merlix Educate Server stores db.mdb under the web root with insufficient access control, which allows remote attackers to obtain unspecified sensitive information via a direct request.

Ссылки

http://secunia.com/advisories/33018
Vendor Advisory
http://www.osvdb.org/50524
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/47108
https://www.exploit-db.com/exploits/7348
http://secunia.com/advisories/33018
Vendor Advisory
http://www.osvdb.org/50524
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/47108
https://www.exploit-db.com/exploits/7348

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:merlix:educate_server:-:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05231

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-phwg-4x97-rwch

github

больше 3 лет назад