CVE-2012-4255

MySQLDumper 1.24.4 - Exposure of Sensitive Information via Direct Request to refresh_dblist.php

Title source: llm
STIX 2.1

Description

MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.

References (3)

Core 3
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/53306
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/81616

Scores

EPSS 0.0133
EPSS Percentile 67.7%

Details

CWE
CWE-200
Status published
Products (1)
mysqldumper/mysqldumper 1.24.4
Published Aug 13, 2012
Tracked Since Feb 18, 2026