Vulnerabilities > Preprojects > PRE E Learning Portal
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-10 | CVE-2010-0954 | SQL Injection vulnerability in Preprojects PRE E-Learning Portal SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the course_ID parameter. | 7.5 |
2009-02-04 | CVE-2008-6052 | Permissions, Privileges, and Access Controls vulnerability in Preprojects PRE E-Learning Portal PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | 5.0 |