Unrated severityNVD Advisory· Published Aug 12, 2009· Updated Jun 16, 2026
CVE-2008-6960
CVE-2008-6960
Description
download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
6- osvdb.org/49797nvdExploit
- www.securityfocus.com/bid/32227nvdExploit
- secunia.com/advisories/32537nvdVendor Advisory
- www.vupen.com/english/advisories/2008/3062nvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/46489nvd
- www.exploit-db.com/exploits/7074nvd
News mentions
0No linked articles in our index yet.