Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database and obtain sensitive information via a direct request for database/WWGguestbook.mdb. NOTE: it was later reported that 8.21 is also affected.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-08T02:35:17.474Z
Reserved: 2009-04-02T00:00:00
Link: CVE-2003-1571

No data.

Status : Modified
Published: 2009-04-02T15:30:00.233
Modified: 2024-11-20T23:47:27.883
Link: CVE-2003-1571

No data.