CVE-2007-4937

2007-09-18T15:17:00
ID CVE-2007-4937
Type cve
Reporter NVD
Modified 2017-07-28T21:33:17

Description

CS Guestbook stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin name and MD5 password hash via a direct request for base/usr/0.php.