CVE-2010-1067
published 2010-03-23CVE-2010-1067: E-membres 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a…
PriorityP337medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
2.49%
82.6th percentile
E-membres 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/bdEMembres.mdb.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hasmir_alic | e-membres | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Hasmir Alic E-membres 1.0 db/bdEMembres.mdb access control (EDB-11098 / XFDB-55503)
vuldb·2026-05-03·CVSS 5.0
CVE-2010-1067 [MEDIUM] Hasmir Alic E-membres 1.0 db/bdEMembres.mdb access control (EDB-11098 / XFDB-55503)
A vulnerability was found in Hasmir Alic E-membres 1.0. It has been classified as problematic. This issue affects some unknown processing of the file db/bdEMembres.mdb. This manipulation causes improper access controls.
The identification of this vulnerability is CVE-2010-1067. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
GHSA
GHSA-3pfj-8fm9-2m22: E-membres 1
ghsa_unreviewed·2022-05-02
CVE-2010-1067 [MEDIUM] GHSA-3pfj-8fm9-2m22: E-membres 1
E-membres 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/bdEMembres.mdb.
No detection rules found.
No writeups or analysis indexed.
2010-03-23
Published