Summary
eLearning Server 4G is prone to a remote file-include issue and an SQL- injection issue.
A successful exploit may allow an attacker to execute malicious code within the context of the webserver process, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
eLearning Server 4G is vulnerable
other versions may also be
affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-2923 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple Safari RSS Feed Information Disclosure Vulnerability
- Atmail Multiple Unspecified Security Vulnerabilities.
- 'research_display.php' SQL Injection Vulnerability
- ActivDesk Multiple Cross Site Scripting and SQL Injection Vulnerabilities
- Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability