Lucene search
K

167 matches found

Packet Storm
Packet Storm
added 2007/06/07 12:0 a.m.26 views

cactushop-mdb.txt

Cactushop V6 allows remote users to download the database which contains creditcard numbers and critical information. The affected carts default installation gives away the path to database file. As a result, an attacker exploiting this vulnerability will be able to obtain detailed private custom...

7.4AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2007/03/02 9:18 p.m.3 views

CVE-2007-1192

Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an admin password hash via a direct request for data/gbconfiguration.dat...

5CVSS5.5AI score0.02456EPSS
Exploits1References5
NVD
NVD
added 2007/01/09 6:28 p.m.18 views

CVE-2007-0152

OhhASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/OhhASP.mdb...

7.5CVSS6.3AI score0.01359EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/01/09 6:0 p.m.18 views

CVE-2007-0152

OhhASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/OhhASP.mdb...

6.3AI score0.01359EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2006/03/14 12:0 a.m.3 views

PT-2006-2225 · Php · Php Advanced Transfer Manager

Name of the Vulnerable Software and Affected Versions: PHP Advanced Transfer Manager versions 1.00 through 1.30 Description: The issue allows remote attackers to download sensitive information, including password hashes, due to insufficient access control. This is possible because the sensitive...

5CVSS6.4AI score0.03315EPSS
Exploits1References10
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.13 views

CVE-2004-1838

Directory traversal vulnerability in xweb 1.0 allows remote attackers to download arbitrary files via a .. dot dot in the URL...

6.7AI score0.03741EPSS
Exploits1References7
Packet Storm
Packet Storm
added 2004/12/12 12:0 a.m.24 views

blogtorrent.txt

Intro ----- Blogtorrent is a collection of PHP scripts which are designed to make it simple to host files for transfer via bittorrent. Whilst it is not normal to report security problems in "preview" releases of software this software was covered prominently upon Slashdot and could be widely used...

7.4AI score
Exploits0
Rows per page
Query Builder