Insufficient Access Control in Zomplog Allows Remote File Download
CVE-2007-5278

Currently unrated

Key Information:

Vendor: Zomplog
Status: Zomplog
Vendor: CVE Published:; 8 October 2007

What is CVE-2007-5278?

Zomplog versions 3.8.1 and earlier are prone to insufficient access control, leading to potential exposure of sensitive files uploaded by users. Attackers can exploit this vulnerability by accessing the upload directory, which may allow them to download files directly if the directory listing is enabled. While directory listing may be disabled in default configurations, predictable filenames can still pose a risk, giving attackers a pathway to sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.exploit-db.com/exploits/4466

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/25861

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Oct 8, 2007
Vulnerability Reserved
Oct 8, 2007

JSON

Zomplog

What is CVE-2007-5278?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.