Demarc Security : Security Vulnerabilities, CVEs,
Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges.
Max CVSS
7.5
EPSS Score
0.19%
Published
2003-05-21
Updated
2008-09-05
Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.
Max CVSS
10.0
EPSS Score
0.45%
Published
2002-07-03
Updated
2008-09-05
2 vulnerabilities found