PT-2009-2549 · Team Php · Team Php Php Classifieds Script
Cyb3R-1St
·
Publicado
2009-08-25
·
Atualizado
2017-09-29
·
CVE-2008-7080
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Team PHP PHP Classifieds Script (affected versions not specified)
Description
The issue allows remote attackers to obtain database credentials due to insufficient access control of sensitive information stored under the web root. This can be achieved via a direct request for the
admin/backup/datadump.sql file.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Team Php Php Classifieds Script