7 lines
No EOL
401 B
Text
7 lines
No EOL
401 B
Text
source: http://www.securityfocus.com/bid/7320/info
|
|
|
|
Guestbook has been reported prone to a sensitive information disclosure weakness.
|
|
|
|
An attacker may disclose sensitive information regarding the Super Guestbook install by sending a HTTP request for the Guest Book passwd file. Administration credentials are displayed in the attacker's browser.
|
|
|
|
http://www.example.com/cgi-bin/guestbook/passwd |