CVE-2008-5596

Ikon AdManager <2.1 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5596. PoCs published by Ghost Hacker.

AI-analyzed exploit summary This is a writeup describing a database disclosure vulnerability in Ikon AdManager 2.1. The exploit details how an attacker can directly access the database file via a predictable path.

Description

Ikon AdManager 2.1 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for ikonBAnner_AdManager.mdb.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Ghost Hacker · textwebappsasp

https://www.exploit-db.com/exploits/7372

View Code ZIP pw:eip

This is a writeup describing a database disclosure vulnerability in Ikon AdManager 2.1. The exploit details how an attacker can directly access the database file via a predictable path.

Classification

Writeup 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Ikon AdManager 2.1

No auth needed

Prerequisites: knowledge of the target path

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/4755

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/33029

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/7372

Scores

EPSS 0.0259

EPSS Percentile 83.2%

Details

CWE

CWE-264

Status published

Products (1)

dotnetindex/ikon_admanager < 2.1

Published Dec 16, 2008

Tracked Since Feb 18, 2026