5

CVE-2007-6361

EPSS 1.22%
Veröffentlicht 15.12.2007 01:46:00
Zuletzt bearbeitet 16.06.2026 22:47:54
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrated by a log file that records the titles of blog entries.  NOTE: access to temp/ is blocked by .htaccess in most deployments that use Apache HTTP Server.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gekkoware ≫ Gekko Version <= 0.8.2

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.22%	0.648

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://osvdb.org/44151

http://securityreason.com/securityalert/3451

http://www.securityfocus.com/archive/1/484330/100/0/threaded

http://www.securityfocus.com/archive/1/484343/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/38735

https://nvd.nist.gov/vuln/detail/CVE-2007-6361

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-6361

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-6361

EUVD