CVE-2007-3061
NVD: Cactushop 6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) cactushop6.mdb or (2) cactushop5.mdb.
7.8 Severity
HIGH EPSS
0.0258 (83) KEV
-
Source-published summary
NVD: Cactushop 6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) cactushop6.mdb or (2) cactushop5.mdb.
Possible impact
Source describes information exposure review · remote exposure. Possible impact: A remote attacker may be able to access information that should not be exposed.
Affected context
vendor/product: cactusoft / cactushop
Remediation / advisory
Remediation reference present; patch status requires confirmation in the linked advisory.
Why it matters
Source describes information exposure review · remote exposure. Possible impact: A remote attacker may be able to access information that should not be exposed.; CVSS 7.8 (HIGH); EPSS percentile 83; not listed in KEV; Remediation reference present; patch status requires confirmation in the linked advisory; sources: NVD.
What to verify
Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.
Exposure hint
remote exposure
Impact tags
Urgency reasons
Source-derived note
Summary derived from NVD description; unsafe procedural detail is not shown.
Redaction metadata
- source summary used
- True
- fallback summary used
- False
- unsafe procedural detail present
- false
- raw source displayed
- false
- public summary redacted
- true
Remediation handoff
Public-safe static handoff for human/Codex remediation planning. Scan, patch, external execution, and auto remediation are disabled.
Safety note
This radar shows source-published defensive context only. Exploit procedures, exploit strings, scanner commands, and auto-remediation are not provided.