Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5599 | 1 Merlix | 1 Teamworx Server | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-5600 | 1 Merlix | 1 Teamworx Server | 2017-09-28 | 5.0 MEDIUM | N/A |
Merlix Teamworx Server stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for teamworx.mdb. |