CVE-2008-4183

Name of the Vulnerable Software and Affected Versions IntegraMOD versions 1.4.x

Description The issue allows remote attackers to download a backup via a direct request to a backup/backup-yyyy-dd-mm.sql filename, due to insufficient access control of sensitive information stored under the web root.

Recommendations For versions 1.4.x, consider restricting access to the backup files by implementing proper access controls to prevent unauthorized downloads. As a temporary workaround, restrict access to the backup directory to minimize the risk of exploitation.