RSS   Vulnerabilities for 'Web directory'   RSS

2007-05-31
 
CVE-2007-2979

 

 
Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb.

 
2005-10-30
 
CVE-2005-3386

 

 
SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.

 

 >>> Vendor: Techno dreams 6 Products
Techno dreams guest book
Mailing list
Web directory
Articles and papers package
Faq manager package
Announcement script


Copyright 2019, cxsecurity.com

 

Back to Top