Описание
admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:pixel_motion:pixel_motion_blog:*:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04658
Низкий
7.5 High
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information.
EPSS
Процентиль: 89%
0.04658
Низкий
7.5 High
CVSS2
Дефекты
CWE-287