CVE-2008-6199

2009-02-20T00:30:00
ID CVE-2008-6199
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:33:00

Description

2532designs 2532|Gigs 1.2.2 and earlier allows remote attackers to trigger a backup and obtain sensitive information via a direct request to backup.php, which creates backup.sql under the web root with insufficient access control. Reference links indicate attacker must be authenticated for attack to be successful.