← back
CVE-2008-0249

CVE-2008-0249

EPSS 2.6%
PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/4872unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/39572https://www.exploit-db.com/exploits/4872http://www.securityfocus.com/bid/27202