CVE-2005-1425

Name of the Vulnerable Software and Affected Versions: Uapplication Uguestbook version 1.0

Description: The issue allows remote attackers to download a database due to insufficient access control. Sensitive information is stored under the web root, enabling attackers to access the database via a direct request for "mdb-database/guestbook.mdb".

Recommendations: For Uapplication Uguestbook version 1.0, consider restricting access to the mdb-database directory to prevent unauthorized downloads of the guestbook.mdb database file. As a temporary workaround, restrict access to the sensitive information stored under the web root until a more permanent solution is available.