Web Directory
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2007-2979 | 0.00 | — | 0.01 | Jun 1, 2007 | Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb. | ||
| CVE-2005-3386 | 0.00 | — | 0.01 | Oct 30, 2005 | SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp. |
- CVE-2007-2979Jun 1, 2007risk 0.00cvss —epss 0.01
Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb.
- CVE-2005-3386Oct 30, 2005risk 0.00cvss —epss 0.01
SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.