CVE-2003-1571 Information

Description

Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access control which allows remote attackers to download the database and obtain sensitive information via a direct request for database/WWGguestbook.mdb. NOTE: it was later reported that 8.21 is also affected.

Reference

http://secunia.com/advisories/9639 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=25863 http://www.osvdb.org/2492 https://www.exploit-db.com/exploits/7488