CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-2100

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1560%
EPSS Percentile38.79th
Published2007年4月18日
Last Modified2026年4月23日

Vulnerability Description

FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/Gdb.mdb.

Affected Platforms (CPE)

📦
Fac Guestbook

Fac Guestbook

= 2.0

References & Advisories

🔗 http://secunia.com/advisories/24872
🔗 http://securityreason.com/securityalert/2570
🔗 http://www.securityfocus.com/archive/1/465544/100/0/threaded
🔗 http://www.securityfocus.com/bid/23441
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33600
🔗 http://secunia.com/advisories/24872
🔗 http://securityreason.com/securityalert/2570
🔗 http://www.securityfocus.com/archive/1/465544/100/0/threaded

関連する脆弱性情報

CVE-2007-210110.0

FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...