Filtered by vendor Phpwebquest
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0249 | 1 Phpwebquest | 1 Phpwebquest | 2024-02-28 | 5.0 MEDIUM | N/A |
PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments. |