6.7 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.8%
JAG (Just Another Guestbook) 1.14 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for jag/database.sql.
exchange.xforce.ibmcloud.com/vulnerabilities/56228
www.exploit-db.com/exploits/11406