VYPR
Unrated severityNVD Advisory· Published Jan 5, 2007· Updated Jun 16, 2026

CVE-2007-0096

CVE-2007-0096

Description

CarbonCommunities stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for DataBase/Carbon2.4d.mdb.

Affected products

2
  • cpe:2.3:a:carbon_communities:carbon_communities:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:carbon_communities:carbon_communities:*:*:*:*:*:*:*:*range: <=2.4d
    • (no CPE)range: =2.4d

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.