Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4093

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2007-4093
Last Modified 15 Nov 2008 01:55:19
Published 30 Jul 2007 04:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4093

Summary

Minb Is Not a Blog (minb) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing usernames and encrypted passwords via a direct request for db/users.db.

Vulnerable Systems

Application

  • Minb Is Not A Blog 0.1.0


References

XF - minb-users-information-disclosure(35560)

BUGTRAQ - 20070722 Minb Is Not A Blog default password directory

OSVDB - 38997

SREASON - 2931


Last Updated: 27 May 2016 10:45:46