← back
CVE-2008-1868

CVE-2008-1868

EPSS 2.6%
admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/5380unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/41671https://www.exploit-db.com/exploits/5380http://www.vupen.com/english/advisories/2008/1121/references