Techno Dreams » Web Directory : Security Vulnerabilities, CVEs,
Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb.
Max CVSS
7.8
EPSS Score
1.12%
Published
2007-06-01
Updated
2017-07-29
SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.
Max CVSS
7.5
EPSS Score
1.01%
Published
2005-10-30
Updated
2016-10-18
2 vulnerabilities found