Back to search
CVE-2008-0249
Published: Jan 12, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
27202
vdb-entry
x_refsource_BID
4872
exploit
x_refsource_EXPLOIT-DB
phpwebquest-backup-information-disclosure(39572)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now