CVE Vulnerabilities

CVE-2004-2608

Published: Dec 31, 2004 | Modified: Jul 20, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the news database) under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the unencrypted username and password of the administrators account.

Affected Software

Name Vendor Start Version End Version
Smart_guest_book Smartwebby 2 2

References