CVE Vulnerability

CVE-2008-7069

All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat.

7.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/47121
https://www.exploit-db.com/exploits/7266
Configurations

Configuration 1

cpe:2.3:a:paul_arbogast:accms:0.0.1d:*:*:*:*:*:*:*
cpe:2.3:a:paul_arbogast:accms:0.0.1a:*:*:*:*:*:*:*
cpe:2.3:a:paul_arbogast:accms:0.0.1c:*:*:*:*:*:*:*
cpe:2.3:a:paul_arbogast:accms:0.0.1f:*:*:*:*:*:*:*
cpe:2.3:a:paul_arbogast:accms:*:*:*:*:*:*:*:*
cpe:2.3:a:paul_arbogast:accms:0.0.1h:*:*:*:*:*:*:*
cpe:2.3:a:paul_arbogast:accms:0.0.1e:*:*:*:*:*:*:*
cpe:2.3:a:paul_arbogast:accms:0.0.1g:*:*:*:*:*:*:*
Information

Published : 2009-08-25 10:30

Updated : 2017-09-29 01:33

NVD link : CVE-2008-7069

Mitre link : CVE-2008-7069

Products Affected

Paul Arbogast

CWE
CWE-200