CVE-2010-1065
published 2010-03-23CVE-2010-1065: Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to…
PriorityP337medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
2.49%
82.6th percentile
Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/lebisoft.mdb.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lebisoft | ziyaretci_defteri | — | — |
| lebisoft | ziyaretci_defteri | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Lebisoft Ziyaretci Defteri 7.4 db/lebisoft.mdb access control (EDB-11015 / XFDB-55452)
vuldb·2026-05-03·CVSS 5.0
CVE-2010-1065 [MEDIUM] Lebisoft Ziyaretci Defteri 7.4 db/lebisoft.mdb access control (EDB-11015 / XFDB-55452)
A vulnerability has been found in Lebisoft Ziyaretci Defteri 7.4 and classified as problematic. This affects an unknown part of the file db/lebisoft.mdb. The manipulation leads to improper access controls.
This vulnerability is uniquely identified as CVE-2010-1065. The attack is possible to be carried out remotely. Moreover, an exploit is present.
GHSA
GHSA-836h-q5p2-g2rc: Lebisoft Ziyaretci Defteri 7
ghsa_unreviewed·2022-05-02
CVE-2010-1065 [MEDIUM] GHSA-836h-q5p2-g2rc: Lebisoft Ziyaretci Defteri 7
Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/lebisoft.mdb.
Suricata
GPL EXPLOIT ISAPI .ida access
suricata·2010-09-23
CVE-2000-0071 GPL EXPLOIT ISAPI .ida access
GPL EXPLOIT ISAPI .ida access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT ISAPI .ida access"; flow:established,to_server; http.uri; content:".ida"; nocase; endswith; reference:arachnids,552; reference:bugtraq,1065; reference:cve,2000-0071; classtype:web-application-activity; sid:2101242; rev:15; metadata:created_at 2010_09_23, cve CVE_2000_0071, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL EXPLOIT ISAPI .ida attempt
suricata·2010-09-23
CVE-2000-0071 GPL EXPLOIT ISAPI .ida attempt
GPL EXPLOIT ISAPI .ida attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT ISAPI .ida attempt"; flow:established,to_server; http.uri; content:".ida?"; nocase; reference:arachnids,552; reference:bugtraq,1065; reference:cve,2000-0071; classtype:web-application-attack; sid:2101243; rev:15; metadata:created_at 2010_09_23, cve CVE_2000_0071, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL EXPLOIT ISAPI .idq attempt
suricata·2010-09-23
CVE-2000-0071 GPL EXPLOIT ISAPI .idq attempt
GPL EXPLOIT ISAPI .idq attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT ISAPI .idq attempt"; flow:established,to_server; http.uri; content:".idq?"; nocase; reference:arachnids,553; reference:bugtraq,1065; reference:bugtraq,968; reference:cve,2000-0071; reference:cve,2000-0126; reference:nessus,10115; classtype:web-application-attack; sid:2101244; rev:18; metadata:created_at 2010_09_23, cve CVE_2000_0071, signature_severity Major, updated_at 2024_03_08;)
Suricata
GPL EXPLOIT ISAPI .idq access
suricata·2010-09-23
CVE-2000-0071 GPL EXPLOIT ISAPI .idq access
GPL EXPLOIT ISAPI .idq access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL EXPLOIT ISAPI .idq access"; flow:established,to_server; http.uri; content:".idq"; nocase; reference:arachnids,553; reference:bugtraq,1065; reference:cve,2000-0071; classtype:web-application-activity; sid:2101245; rev:14; metadata:created_at 2010_09_23, cve CVE_2000_0071, signature_severity Major, updated_at 2024_03_08;)
2010-03-23
Published