CVE-2007-0545

2007-01-2917:00:00

mitre

www.cve.org

AI Score

6.3

Confidence

Low

EPSS

0.006

Percentile

78.4%

JSON

Maxtricity Tagger 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for tagger.mdb.

References

osvdb.org/33577

securityreason.com/securityalert/2214

www.securityfocus.com/archive/1/457953/100/0/threaded