Vulnerability Details CVE-2007-0079
rblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/admin.mdb or (2) data/rblog.mdb.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.9%
CVSS Severity
CVSS v2 Score 7.8
References
- http://osvdb.org/32572
- http://secunia.com/advisories/23538
- http://securityreason.com/securityalert/2102
- http://www.aria-security.com/forum/showthread.php?t=77
- http://www.securityfocus.com/archive/1/455626/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31200
- http://osvdb.org/32572
- http://secunia.com/advisories/23538
- http://securityreason.com/securityalert/2102
- http://www.aria-security.com/forum/showthread.php?t=77
- http://www.securityfocus.com/archive/1/455626/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31200