RSS   Vulnerabilities for 'Cs guestbook'   RSS

2007-09-18
 
CVE-2007-4937

CWE-264
 

 
CS Guestbook stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin name and MD5 password hash via a direct request for base/usr/0.php.

 

 >>> Vendor: Comscripts 11 Products
Web server creator
Cs-forum
Annoncev
News evolution
Phprog
Phpmyphorum
J-web pics navigator
Cs guestbook
Quick classifieds
Web server creator web portal
Gedcom to mysl


Copyright 2021, cxsecurity.com

 

Back to Top