4 matches found
CVE-2007-0094
Sven Moderow GuestBook 0.3a stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for 1 gbook97.mdb or 2 gbook.mdb in db/...
Improper access control
Sven Moderow GuestBook 0.3a stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for 1 gbook97.mdb or 2 gbook.mdb in db/...
CVE-2007-0094
Sven Moderow GuestBook 0.3a stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for 1 gbook97.mdb or 2 gbook.mdb in db/...
CVE-2007-0094
The CVE-2007-0094 entry concerns Sven Moderow GuestBook 0.3a, where sensitive data is stored under the web root with insufficient access control. Remote attackers could directly download the database files gbook97.mdb or gbook.mdb located in ~db/, exposing passwords and other credentials. This vu...