Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5560

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5560
Last Modified 18 Mar 2009 01:46:09
Published 15 Dec 2008 01:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5560

Summary

PostEcards stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for postcards.mdb.

Vulnerable Systems

Application

  • Dazzlindonna Postecards


References

XF - postecards-postcards-info-disclosure(47195)

MILW0RM - 7398

SREASON - 4725

SECUNIA - 33067

OSVDB - 50629


Last Updated: 27 May 2016 10:48:50