CVE-2008-7069

EUVD-2008-7028
All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
Affected Products (NVD)
VendorProductVersion
paul_arbogastaccms
𝑥
≤ 0.0.2
paul_arbogastaccms
0.0.1a:a
paul_arbogastaccms
0.0.1c:c
paul_arbogastaccms
0.0.1d:d
paul_arbogastaccms
0.0.1e:e
paul_arbogastaccms
0.0.1f:f
paul_arbogastaccms
0.0.1g:g
paul_arbogastaccms
0.0.1h:h
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/47121
https://www.exploit-db.com/exploits/7266
https://exchange.xforce.ibmcloud.com/vulnerabilities/47121
https://www.exploit-db.com/exploits/7266