CVE-2003-1571

EPSS 2.6%

Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database and obtain sensitive information via a direct request for database/WWGguestbook.mdb. NOTE: it was later reported that 8.21 is also affected.

Affected products

n/a · n/a

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/7488unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/9639 https://www.exploit-db.com/exploits/7488 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=25863 http://www.osvdb.org/2492