Vulnerabilities > CVE-2007-1192 - Unspecified vulnerability in Hyperbook Guestbook 1.30

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
hyperbook
exploit available
NVD
Published: 2007-03-02
Updated: 2024-11-21

Summary

Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an admin password hash via a direct request for data/gbconfiguration.dat.

Vulnerable Configurations

Part Description Count
Application
Hyperbook
1

Exploit-Db

descriptionHyperBook Guestbook 1.3 GBConfiguration.DAT Hashed Password Information Disclosure Vulnerability. CVE-2007-1192. Remote exploit for windows platform
idEDB-ID:29687
last seen2016-02-03
modified2007-02-28
published2007-02-28
reporterPeTrO
sourcehttps://www.exploit-db.com/download/29687/
titleHyperBook Guestbook 1.3 GBConfiguration.DAT Hashed Password Information Disclosure Vulnerability

References