CVE-2008-6052 Information

Description

PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control which allows remote attackers to obtain passwords via a direct request.

Reference

http://packetstorm.linuxsecurity.com/0812-exploits/prelearn-disclose.txt http://secunia.com/advisories/33197 https://exchange.xforce.ibmcloud.com/vulnerabilities/47437