CyberSec.Space Logo
Back to CVE Browser

CVE-2008-5608

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile27.64th
PublishedDec 16, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

ASP AutoDealer stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for auto.mdb.

Affected Platforms (CPE)

πŸ“¦
Aspapps

Asp Autodealer

= _nil_

References & Advisories

πŸ”— http://securityreason.com/securityalert/4754
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/47124
πŸ”— https://www.exploit-db.com/exploits/7356
πŸ”— https://www.exploit-db.com/exploits/7360
πŸ”— http://securityreason.com/securityalert/4754
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/47124
πŸ”— https://www.exploit-db.com/exploits/7356
πŸ”— https://www.exploit-db.com/exploits/7360

Related Vulnerabilities

CVE-2007-00537.5

SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary ...

CVE-2008-55957.5

SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID p...

CVE-2008-68747.5

Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...