1 results (0.003 seconds)

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 3

Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an admin password hash via a direct request for data/gbconfiguration.dat. Thomas R. Pasawicz HyperBook Guestbook 1.30 almancena información sensible bajo la raiz web con insuficientes controles de acceso, lo cual permite a atacantes remotos descargar una contraseña hash de admin a través de una respuesta directa a data/gbconfiguration.dat. • https://www.exploit-db.com/exploits/29687 http://downloads.securityfocus.com/vulnerabilities/exploits/22754.py http://osvdb.org/33868 http://secunia.com/advisories/24392 http://www.securityfocus.com/bid/22754 •