CVE-2007-2979

2007-06-0101:00:00

mitre

www.cve.org

6.3 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.7%

JSON

Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb.

References

osvdb.org/36274

secunia.com/advisories/25436

securityreason.com/securityalert/2755

www.securityfocus.com/archive/1/469587/30/30/threaded

www.vupen.com/english/advisories/2007/1970

exchange.xforce.ibmcloud.com/vulnerabilities/34518