Security
Games
Windows
Linux
Android
IOS
News
Reviews
AI
CVE-2008-6960 Vulnerability Details
/
/
/
CVE-2008-6960 Metadata Quick Info
CVE Published: 12/08/2009
|
CVE Updated: 07/08/2024
|
CVE Year: 2008
Source: mitre
|
Vendor: n/a
|
Product: n/a
Status : PUBLISHED
CVE-2008-6960 Description
download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php.
Metrics
CVSS Version: 3.1
|
Base Score: n/a
Vector: n/a
l➤ Exploitability Metrics:
Attack Vector (AV)*
Attack Complexity (AC)*
Privileges Required (PR)*
User Interaction (UI)*
Scope (S)*
l➤ Impact Metrics:
Confidentiality Impact (C)*
Integrity Impact (I)*
Availability Impact (A)*
Weakness Enumeration (CWE)
CWE-ID:
CWE Name: n/a
Source: n/a
Common Attack Pattern Enumeration and Classification (CAPEC)
CAPEC-ID:
CAPEC Description:
Source: NVD (National Vulnerability Database).
Last added CVEs
▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED
Tags:
CVE-2008-6960 Vulnerability Details