Vulnerabilities > Techno Dreams > WEB Directory

DATE CVE VULNERABILITY TITLE RISK
2007-06-01 CVE-2007-2979 Information Disclosure vulnerability in Techno Dreams web Directory 2.0
Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb.
network
low complexity
techno-dreams
7.8
7.8
2005-10-30 CVE-2005-3386 Scripts Multiple SQL Injection vulnerability in Techno Dreams
SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.
network
low complexity
techno-dreams
7.5
7.5