CVE

Id
26301  
CVE No.
CVE-2007-2944  
Status
Candidate  
Description
WabCMS 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/wabcmsn.mdb. NOTE: this issue was originally reported for "webCMS," but this was an error by an unreliable researcher.  
Phase
Assigned (20070530)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
266118 26301 CVE-2007-2944 BUGTRAQ:20070525 webCMS_1.00 Database Disclosure Vulnerabilitiy  View
266119 26301 CVE-2007-2944 URL:http://www.securityfocus.com/archive/1/archive/1/469618/100/0/threaded  View
266120 26301 CVE-2007-2944 MISC:http://www.xmors-security.com/advisory/webCMS_1.00.txt  View
266121 26301 CVE-2007-2944 VIM:20070531 wrong but true: "webCMS" database disclosure is actually for wabCMS  View
266122 26301 CVE-2007-2944 URL:http://www.attrition.org/pipermail/vim/2007-May/001637.html  View
266123 26301 CVE-2007-2944 OSVDB:36698  View
266124 26301 CVE-2007-2944 URL:http://osvdb.org/36698  View
266125 26301 CVE-2007-2944 SECUNIA:25453  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
55232 JVNDB-2007-003924 LeadTools Raster Dialog File_D Object におけるバッファオーバーフローの脆弱性 LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL) の特定の ActiveX コントロールには、バッファオーバーフローの脆弱性が存在します。 CVE-2007-2946 26301 10 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003924.html  View