← back
CVE-2008-6815

CVE-2008-6815

EPSS 2.8%
mykdownload.php in MyKtools 2.4 does not require administrative authentication, which allows remote attackers to read a database backup by making a direct request, and then sending an unspecified request to the download page for the backup.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/6855unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/46145https://www.exploit-db.com/exploits/6855http://www.securityfocus.com/bid/31950