Lucene search
K

4 matches found

NVD
NVD
added 2007/01/05 6:28 p.m.18 views

CVE-2007-0094

Sven Moderow GuestBook 0.3a stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for 1 gbook97.mdb or 2 gbook.mdb in db/...

7.5CVSS6.3AI score0.01547EPSS
Exploits1References5
Prion
Prion
added 2007/01/05 6:28 p.m.13 views

Improper access control

Sven Moderow GuestBook 0.3a stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for 1 gbook97.mdb or 2 gbook.mdb in db/...

7.5CVSS6.9AI score0.01547EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2007/01/05 6:0 p.m.19 views

CVE-2007-0094

Sven Moderow GuestBook 0.3a stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for 1 gbook97.mdb or 2 gbook.mdb in db/...

6.3AI score0.01547EPSS
Exploits1References5
CVE
CVE
added 2007/01/05 6:0 p.m.42 views

CVE-2007-0094

The CVE-2007-0094 entry concerns Sven Moderow GuestBook 0.3a, where sensitive data is stored under the web root with insufficient access control. Remote attackers could directly download the database files gbook97.mdb or gbook.mdb located in ~db/, exposing passwords and other credentials. This vu...

7.5CVSS6.4AI score0.01547EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder