CVE Vulnerabilities

CVE-2003-1571

Published: Apr 02, 2009 | Modified: Nov 20, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database and obtain sensitive information via a direct request for database/WWGguestbook.mdb. NOTE: it was later reported that 8.21 is also affected.

Affected Software

Name Vendor Start Version End Version
Web_wiz_guestbook Webwizguide 6.0 (including) 6.0 (including)
Web_wiz_guestbook Webwizguide 8.21 (including) 8.21 (including)

References