6 matches found
Improper access control
All Club CMS ACCMS 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat...
CVE-2008-7069
All Club CMS ACCMS 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat...
CVE-2008-7069
CVE-2008-7069 affects All Club CMS (ACCMS) 0.0.2 and earlier. The vulnerability is improper access control that stores sensitive information under the web root, enabling remote attackers to retrieve database configuration data, including credentials, via a direct request to accms.dat. CVSSv2 base...
Directory traversal
Directory traversal vulnerability in index.php in All Club CMS ACCMS 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the classname parameter...
CVE-2008-0601
CVE-2008-0601 describes an SQL injection in All Club CMS (ACCMS)
CVE-2008-0602
CVE-2008-0602 affects All Club CMS (ACCMS) versions 0.0.1f and earlier. The vulnerability is a directory traversal flaw in index.php that allows remote attackers to include and execute arbitrary local files via traversal sequences in the class_name parameter. Client impact per CVSS2 is Partial co...