CVE-2008-7069

All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
paul_arbogastaccms
𝑥
≤ 0.0.2
paul_arbogastaccms
0.0.1a:a
paul_arbogastaccms
0.0.1c:c
paul_arbogastaccms
0.0.1d:d
paul_arbogastaccms
0.0.1e:e
paul_arbogastaccms
0.0.1f:f
paul_arbogastaccms
0.0.1g:g
paul_arbogastaccms
0.0.1h:h
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/47121
https://www.exploit-db.com/exploits/7266
https://exchange.xforce.ibmcloud.com/vulnerabilities/47121
https://www.exploit-db.com/exploits/7266