CVE

Id
23511  
CVE No.
CVE-2007-0154  
Status
Candidate  
Description
Webulas stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/db.mdb.  
Phase
Assigned (20070109)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
227518 23511 CVE-2007-0154 BUGTRAQ:20070107 Webulas Remote Password Disclosure Vulnerability  View
227519 23511 CVE-2007-0154 URL:http://www.securityfocus.com/archive/1/archive/1/456239/100/0/threaded  View
227520 23511 CVE-2007-0154 OSVDB:33401  View
227521 23511 CVE-2007-0154 URL:http://osvdb.org/33401  View
227522 23511 CVE-2007-0154 SREASON:2126  View
227523 23511 CVE-2007-0154 URL:http://securityreason.com/securityalert/2126  View
227524 23511 CVE-2007-0154 XF:webulas-db-info-disclosure(31338)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
54504 JVNDB-2007-003196 M-Core における重要な情報を取得される脆弱性 M-Core は、Web ドキュメントルートにデータベースを格納するため、重要な情報を取得される脆弱性が存在します。 CVE-2007-0156 23511 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003196.html  View