Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0249


Vulnerability Score 5.0 5.0
CVE Id CVE-2008-0249
Last Modified 05 Sep 2008 05:34:34
Published 11 Jan 2008 09:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.

Vulnerable Systems


  • Phpwebquest 2.6


XF - phpwebquest-backup-information-disclosure(39572)

BID - 27202

MILW0RM - 4872

Last Updated: 27 May 2016 10:46:44