CVE-2008-6815

Name of the Vulnerable Software and Affected Versions: MyKtools version 2.4

Description: The issue concerns a lack of administrative authentication in the mykdownload.php file, allowing remote attackers to read a database backup. This can be achieved by making a direct request, followed by sending an unspecified request to the download page for the backup. No information is available regarding the estimated number of potentially affected devices or real-world incidents.

Recommendations: For MyKtools version 2.4, ensure that administrative authentication is properly implemented for the mykdownload.php file to prevent unauthorized access to database backups. As a temporary workaround, consider restricting access to the mykdownload.php file until a proper fix is applied.