Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-05 | CVE-2007-0096 | Information Disclosure vulnerability in Carbon Communities CarbonCommunities stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for DataBase/Carbon2.4d.mdb. | 7.5 |
| 2007-01-05 | CVE-2007-0094 | Information Disclosure vulnerability in Sven Moderow Sven Moderow Guestbook 0.3A Sven Moderow GuestBook 0.3a stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for (1) gbook97.mdb or (2) gbook.mdb in ~db/. | 7.5 |
| 2007-01-05 | CVE-2007-0093 | SQL-Injection vulnerability in Simple Web Cms SQL injection vulnerability in page.php in Simple Web Content Management System allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2007-01-05 | CVE-2007-0092 | SQL-Injection vulnerability in E-Smart Cart E-Smart Cart 1.0 SQL injection vulnerability in productdetail.asp in E-SMARTCART 1.0 allows remote attackers to execute arbitrary SQL commands via the product_id parameter. | 7.5 |
| 2007-01-05 | CVE-2007-0091 | Information Disclosure vulnerability in Newscmslite newsCMSlite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for newsCMS.mdb. | 7.5 |
| 2007-01-05 | CVE-2007-0090 | Information Disclosure vulnerability in Wineglass WineGlass stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/data.mdb. | 7.5 |
| 2007-01-05 | CVE-2007-0089 | Information Disclosure vulnerability in Jgbbs 3.0 jgbbs stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/bbs.mdb. | 7.5 |
| 2007-01-05 | CVE-2007-0079 | Information Disclosure vulnerability in Rblog rblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/admin.mdb or (2) data/rblog.mdb. | 7.8 |
| 2007-01-05 | CVE-2007-0076 | Information Disclosure vulnerability in OpenForum Openforum stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user passwords via a direct request for openforum.mdb. | 7.5 |
| 2007-01-05 | CVE-2007-0075 | Information Disclosure vulnerability in ASPBB AspBB stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user passwords via a direct request for db/aspbb.mdb. | 7.5 |