Abczone.it: Security Vulnerabilities
SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVSS Score
7.5
EPSS Score
0.005
Published
2005-05-03
Abczone.it WWWguestbook 1.1 stores db/dbase.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the plaintext username and password.
CVSS Score
5.0
EPSS Score
0.004
Published
2004-12-31