Demarc Security: Security Vulnerabilities
Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges.
CVSS Score
7.5
EPSS Score
0.005
Published
2003-05-21
Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.
CVSS Score
10.0
EPSS Score
0.007
Published
2002-07-03