Vulnerabilities (CVE)

Filtered by vendor Techno Dreams Subscribe
Filtered by product Web Directory
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2979 1 Techno Dreams 1 Web Directory 2024-02-28 7.8 HIGH N/A
Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb.
CVE-2005-3386 1 Techno Dreams 1 Web Directory 2024-02-28 7.5 HIGH N/A
SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.