CVE-2008-5853

Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups via a request for a backup/ URI.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
chicomaschicomas
𝑥
≤ 2.0.4
chicomaschicomas
2.0.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/30080
http://securityreason.com/securityalert/4872
http://www.bugreport.ir/index_59.htm
http://www.securityfocus.com/archive/1/499458/100/0/threaded
https://www.exploit-db.com/exploits/7532
http://secunia.com/advisories/30080
http://securityreason.com/securityalert/4872
http://www.bugreport.ir/index_59.htm
http://www.securityfocus.com/archive/1/499458/100/0/threaded
https://www.exploit-db.com/exploits/7532