Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 06/06/2007 Updated: 16/10/2018

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 785

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Cactushop 6 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for (1) cactushop6.mdb or (2) cactushop5.mdb.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cactusoft cactushop

============================================================================== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | ...

CWE-255 http://securityreason.com/securityalert/2780 http://osvdb.org/42052 http://osvdb.org/42053 https://exchange.xforce.ibmcloud.com/vulnerabilities/34706 http://www.securityfocus.com/archive/1/470439/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/10686/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3061

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect