NVD

Id
55138  
Name
CVE-2007-2979  
Description
Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb.  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:N/A:N)  
Pub Date
2017-01-07  
Published
2007-05-31  
Modified Date
2012-10-30  
Seq
2007-2979  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
280190 55138 CVE-2007-2979 2755  View
280191 55138 CVE-2007-2979 20070525 Web Directory / Search Engine v2.0 Authentication Bypass/Database Download Vulnerability  View
280192 55138 CVE-2007-2979 ADV-2007-1970  View
280193 55138 CVE-2007-2979 td-webdirectory-db-information-disclosure(34518)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
56942 JVNDB-2007-005634 Techno Dreams Web Directory / Search Engine におけるデータベースをダウンロードされる脆弱性 Techno Dreams Web Directory / Search Engine は、不十分なアクセスコントロールで Web ルート配下に重要な情報を格納するため、データベースをダウンロードされる脆弱性が存在します。 CVE-2007-2979 26334 CVE-2007-2979 55138 7.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005634.html 2007-05-31 2012-12-20 View