NuytsTech Security

CVE-2014-1217

by ·

Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors.

Date published : 2014-04-28

http://www.securityfocus.com/bid/67043

http://www.securityfocus.com/archive/1/531911/100/0/threaded

Tags: