Vulnerability Description
Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Techno Dreams | Web Directory | 2.0 |
References
- http://osvdb.org/36274
- http://secunia.com/advisories/25436Vendor Advisory
- http://securityreason.com/securityalert/2755
- http://www.securityfocus.com/archive/1/469587/30/30/threaded
- http://www.vupen.com/english/advisories/2007/1970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34518
- http://osvdb.org/36274
- http://secunia.com/advisories/25436Vendor Advisory
- http://securityreason.com/securityalert/2755
- http://www.securityfocus.com/archive/1/469587/30/30/threaded
- http://www.vupen.com/english/advisories/2007/1970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34518
FAQ
What is CVE-2007-2979?
CVE-2007-2979 is a vulnerability with a CVSS score of 7.8 (HIGH). Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct requ...
How severe is CVE-2007-2979?
CVE-2007-2979 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2979?
Check the references section above for vendor advisories and patch information. Affected products include: Techno Dreams Web Directory.