CVE-2008-7069

Paul Arbogast Accms < 0.0.2 - Information Disclosure

Title source: rule

Description

All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat.

Exploits (1)

exploitdb WORKING POC VERIFIED

by StAkeR · perlwebappsphp

https://www.exploit-db.com/exploits/7266

View Code ZIP pw:eip

References (2)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/47121

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/7266

Scores

EPSS 0.0297

EPSS Percentile 86.5%

Details

CWE

CWE-200

Status published

Products (8)

paul_arbogast/accms 0.0.1a

paul_arbogast/accms 0.0.1c

paul_arbogast/accms 0.0.1d

paul_arbogast/accms 0.0.1e

paul_arbogast/accms 0.0.1f

paul_arbogast/accms 0.0.1g

paul_arbogast/accms 0.0.1h

paul_arbogast/accms < 0.0.2

Published Aug 25, 2009

Tracked Since Feb 18, 2026