2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to trigger a backup and obtain sensitive information via a direct request to backup.php, which creates backup.sql under the web root with insufficient access control.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2009-02-19 16:30
Updated : 2017-09-28 18:33
NVD link : CVE-2008-6199
Mitre link : CVE-2008-6199
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
2532gigs
- 2532gigs