ELearning Server 4G Remote File Include And SQL Injection Vulnerabilities Network Vulnerability

Summary

eLearning Server 4G is prone to a remote file-include issue and an SQL- injection issue. A successful exploit may allow an attacker to execute malicious code within the context of the webserver process, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. eLearning Server 4G is vulnerable other versions may also be affected.

References

http://www.hypermethod.ru/
http://www.securityfocus.com/bid/53472

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2923
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Assesi 'bg' Parameter SQL Injection vulnerability
Apache Tomcat AJP Protocol Security Bypass Vulnerability
Adobe ColdFusion Multiple Vulnerabilities-02 May-2014
ActivDesk Multiple Cross Site Scripting and SQL Injection Vulnerabilities
AIOCP 'cp_html2xhtmlbasic.php' Remote File Inclusion Vulnerability

eLearning Server 4G Remote File Include and SQL Injection Vulnerabilities

Take action and discover your vulnerabilities