This page aggregates publicly disclosed CVE and security risk information related to carbon_communities, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2008-1900 | option_Update.asp in Carbon Communities 2.4 and earlier allows remote attackers to edit arbitrary member information via a modified ID field. | [email protected] | 7.5 | 1.19% | 2008-04-22 | 2026-06-16 |
| CVE-2007-0096 | CarbonCommunities stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for DataBase/Carbon2.4d.mdb. | [email protected] | 7.5 | 1.48% | 2007-01-05 | 2026-06-16 |