PT-2009-2130 · Bigdump · Bigdump
Published: 2009-04-07 · Updated: 2018-10-11
CVE-2008-6660
CVSS v2.0: 6.8 (Medium)
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
BigDump version 0.29b
Description
The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension followed by a .sql extension, then accessing this file via a direct request.
Recommendations
For BigDump version 0.29b, consider restricting access to the bigdump.php file to prevent remote attackers from uploading malicious files until a patch is available. As a temporary workaround, restrict the upload of files with executable extensions to minimize the risk of exploitation.
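One way to apply the temporary workaround, as an added example that is not BigDump's own code: a filename check that accepts only names ending in .sql and rejects any name carrying an executable extension before it. The function name `accept_dump_filename` and the extension list are assumptions made for this illustration.

```php
<?php
// Added illustration, not part of BigDump. The extension list is an assumed
// starting point; match it to the handlers your web server actually maps.
const EXECUTABLE_EXTENSIONS = ['php', 'php3', 'php4', 'php5', 'php7', 'phtml',
                               'phar', 'pl', 'py', 'cgi', 'asp', 'aspx', 'jsp', 'sh'];

/**
 * Return the sanitized base name if the upload is an acceptable dump file,
 * or null if it must be rejected.
 */
function accept_dump_filename(string $clientName): ?string
{
    // Drop any directory component supplied by the client (both separators).
    $name = basename(str_replace('\\', '/', $clientName));

    // Conservative character set: no control bytes, no leading dot, bounded length.
    if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]{0,127}\z/', $name)) {
        return null;
    }

    $parts = explode('.', strtolower($name));
    $final = array_pop($parts);   // last extension, compared case-insensitively
    array_shift($parts);          // the stem before the first dot is not an extension

    if ($final !== 'sql') {
        return null;
    }
    // Every remaining segment is an inner extension, e.g. "php" in "name.php.sql".
    // Some server configurations choose a handler from any extension in the name,
    // so an executable inner extension is rejected, as is an empty segment.
    foreach ($parts as $segment) {
        if ($segment === '' || in_array($segment, EXECUTABLE_EXTENSIONS, true)) {
            return null;
        }
    }
    return $name;
}

// Constructed sample names for demonstration.
foreach (['backup.sql', 'shell.php.sql', 'x.PhTmL.sql', '../up/a.sql', 'dump..sql', 'notes.txt'] as $n) {
    printf("%-16s %s\n", $n, accept_dump_filename($n) === null ? 'reject' : 'accept');
}
```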
Affected products
Bigdump