download.php in the MuddyDogPaws FileDownload snippet before 2.5 for MODx allows remote attackers to download arbitrary files, as demonstrated by downloading config.inc.php to obtain database credentials.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-02-01T22:00:00
Updated: 2009-02-26T10:00:00
Reserved: 2007-02-01T00:00:00
Link: CVE-2007-0659
JSON object: View
NVD Information
Status : Modified
Published: 2007-02-01T22:28:00.000
Modified: 2023-11-07T02:00:10.330
Link: CVE-2007-0659
JSON object: View
Redhat Information
No data.
CWE