CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-4255

MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://packetstormsecurity.org/files/112304/MySQLDumper-1.24.4-LFI-XSS-CSRF-Code-Execution-Traversal.html
http://www.osvdb.org/81616
http://www.securityfocus.com/bid/53306
http://packetstormsecurity.org/files/112304/MySQLDumper-1.24.4-LFI-XSS-CSRF-Code-Execution-Traversal.html
http://www.osvdb.org/81616
http://www.securityfocus.com/bid/53306

Products affected by CVE-2012-4255

Mysqldumper » Mysqldumper » Version: 1.24.4

cpe:2.3:a:mysqldumper:mysqldumper:1.24.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-4255

Products

Pricing

Contact Us