CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2008-5608

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile27.64th
Published2008年12月16日
Last Modified2026年4月23日

Vulnerability Description

ASP AutoDealer stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for auto.mdb.

Affected Platforms (CPE)

📦
Aspapps

Asp Autodealer

= _nil_

References & Advisories

🔗 http://securityreason.com/securityalert/4754
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/47124
🔗 https://www.exploit-db.com/exploits/7356
🔗 https://www.exploit-db.com/exploits/7360
🔗 http://securityreason.com/securityalert/4754
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/47124
🔗 https://www.exploit-db.com/exploits/7356
🔗 https://www.exploit-db.com/exploits/7360

相關漏洞威脅

CVE-2007-00537.5

SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary ...

CVE-2008-55957.5

SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID p...

CVE-2008-68747.5

Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...