Vulnerabilities > Herongyang

DATE CVE VULNERABILITY TITLE RISK
2009-01-30 CVE-2008-6008 Permissions, Privileges, and Access Controls vulnerability in Herongyang Hybook NIL
hyBook Guestbook Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for hyBook.mdb.
network
low complexity
herongyang CWE-264
5.0