ELearning Server 4G Remote File Include And SQL Injection Vulnerabilities Network Vulnerability

Summary

eLearning Server 4G is prone to a remote file-include issue and an SQL- injection issue. A successful exploit may allow an attacker to execute malicious code within the context of the webserver process, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. eLearning Server 4G is vulnerable other versions may also be affected.

References

http://www.hypermethod.ru/
http://www.securityfocus.com/bid/53472

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2923

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe ColdFusion Directory Traversal Vulnerability
Atlassian JIRA FishEye and Crucible Plugins XML Parsing Unspecified Security Vulnerability
Apache Tomcat /servlet Cross Site Scripting
Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities
ASUS RT56U Router Multiple Vulnerabilities

eLearning Server 4G Remote File Include and SQL Injection Vulnerabilities

Take action and discover your vulnerabilities