Preprojects » Pre E-learning Portal : Security Vulnerabilities, CVEs,
SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the course_ID parameter.
Max CVSS
7.5
EPSS Score
0.23%
Published
2010-03-10
Updated
2017-08-17
PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
Max CVSS
5.0
EPSS Score
0.48%
Published
2009-02-04
Updated
2017-08-08
2 vulnerabilities found