CVE-2008-5606

Gazatem QMail Mailing List Manager 1.2 - Info Disclosure

Title source: llm
STIX 2.1

Description

Gazatem QMail Mailing List Manager 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for qmail.mdb.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Ghost Hacker · textwebappsasp
https://www.exploit-db.com/exploits/7376

References (4)

Core 4
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4764
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33008
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/47152
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7376

Scores

EPSS 0.0509
EPSS Percentile 89.9%

Details

CWE
CWE-264
Status published
Products (1)
gazatem_technologies/qmail_mailing_list_manager 1.2
Published Dec 16, 2008
Tracked Since Feb 18, 2026