5
CVSSv2

CVE-2009-4760

Published: 29/03/2010 Updated: 19/09/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 485
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Winn ASP Guestbook 1.01 Beta stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for data/guestbook.mdb.

Affected Products

Vendor Product Versions
WinnAsp Guestbook1.01

Exploits

#!/usr/bin/perl -w # # Winn ASP Guestbook 101 Beta Database Disclosure Exploit # # Found By : ZoRLu # # Home: yildirimordularicom , dafgamerscom , z0rlublogspotcom # # Not: Bana Bug BulamIyorum, YapamIyorum Demeyin aq Elin Gavuru YapIyor Sizler Niye YapamIyorsunuz istemiyorsunuz isteseniz Sizlerde YaparsInýz # # Thanks: Str0ke, Cyber-Zon ...