CVE-2007-4937

CS Guestbook stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin name and MD5 password hash via a direct request for base/usr/0.php.
Configurations

Configuration 1

cpe:2.3:a:comscripts:cs_guestbook:*:*:*:*:*:*:*:*

Information

Published : 2007-09-18 07:17

Updated : 2018-10-15 09:38


NVD link : CVE-2007-4937

Mitre link : CVE-2007-4937

Products Affected
No products.
CWE