CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2100

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1560%
EPSS Percentile38.79th
PublishedApr 18, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/Gdb.mdb.

Affected Platforms (CPE)

πŸ“¦
Fac Guestbook

Fac Guestbook

= 2.0

References & Advisories

πŸ”— http://secunia.com/advisories/24872
πŸ”— http://securityreason.com/securityalert/2570
πŸ”— http://www.securityfocus.com/archive/1/465544/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/23441
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/33600
πŸ”— http://secunia.com/advisories/24872
πŸ”— http://securityreason.com/securityalert/2570
πŸ”— http://www.securityfocus.com/archive/1/465544/100/0/threaded

Related Vulnerabilities

CVE-2007-210110.0

FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers...

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...

CVE-2007-182310.0

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling N...