CVE-2008-6199

Name of the Vulnerable Software and Affected Versions 2532designs 2532|Gigs versions 1.2.2 and earlier

Description The issue allows remote attackers to trigger a backup and obtain sensitive information via a direct request to "backup.php", which creates "backup.sql" under the web root with insufficient access control.

Recommendations For versions 1.2.2 and earlier, restrict access to the "backup.php" file to minimize the risk of exploitation. Consider implementing proper access control mechanisms to prevent unauthorized creation of backup files.