Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7069

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-7069
Last Modified 25 Aug 2009 12:00:00
Published 25 Aug 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7069

Summary

All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat.

Vulnerable Systems

Application

  • Paul Arbogast Accms 0.0.1a

  • Paul Arbogast Accms 0.0.1c

  • Paul Arbogast Accms 0.0.1d

  • Paul Arbogast Accms 0.0.1e

  • Paul Arbogast Accms 0.0.1f

  • Paul Arbogast Accms 0.0.1g

  • Paul Arbogast Accms 0.0.1h

  • Paul Arbogast Accms 0.0.2


References

XF - allclubcms-accms-info-disclosure(47121)

MILW0RM - 7266


Last Updated: 27 May 2016 10:49:26