Lucene search
PRIOn knowledge basePRION:CVE-2007-0149HistoryJan 09, 2007 - 6:28 p.m.
Improper access control
2007-01-0918:28:00
PRIOn knowledge base
www.prio-n.com
1
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.011 Low
EPSS
Percentile
84.0%
EMembersPro 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for users.mdb.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ememberspro | eq | 1.0 |
Related
cvelist
cvelist
CVE-2007-0149
2007-01-09 18:00:00
cve
cve
CVE-2007-0149
2007-01-09 18:28:00
securityvulns
securityvulns
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.011 Low
EPSS
Percentile
84.0%
Related for PRION:CVE-2007-0149