Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7056

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-7056
Last Modified 27 Aug 2009 12:00:00
Published 24 Aug 2009 03:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7056

Summary

BandSite CMS 1.1.4 does not perform access control for adminpanel/phpmydump.php, which allows remote attackers to obtain copies of the database via a direct request.

Vulnerable Systems

Application

  • Grayscalecms Bandsite Cms 1.1.4


References

XF - bandsitecms-phpmydump-info-disclosure(44588)

BID - 30788

MILW0RM - 6286

SECUNIA - 21992


Last Updated: 27 May 2016 10:49:26