Vulnerabilities > CVE-2009-3597 - Files or Directories Accessible to External Parties vulnerability in Digitaldesign CMS Project Digitaldesign CMS 0.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Digitaldesign CMS 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for autoconfig.dd.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Digitaldesign CMS 0.1 Remote Database Disclosure Vulnerability. CVE-2009-3597. Webapps exploit for php platform |
file | exploits/php/webapps/9115.txt |
id | EDB-ID:9115 |
last seen | 2016-02-01 |
modified | 2009-07-10 |
platform | php |
port | |
published | 2009-07-10 |
reporter | darkjoker |
source | https://www.exploit-db.com/download/9115/ |
title | Digitaldesign CMS 0.1 - Remote Database Disclosure Vulnerability |
type | webapps |