CVE-2005-1647

Name of the Vulnerable Software and Affected Versions Gurgens (GASoft) Guest Book version 2.1

Description The issue concerns insufficient access control to the db/Genid.dat database file, which is stored under the web document root. This allows remote attackers to obtain and decrypt usernames and passwords.

Recommendations For version 2.1, consider restricting access to the db/Genid.dat file to prevent remote attackers from obtaining sensitive information. As a temporary workaround, move the db/Genid.dat file outside of the web document root to minimize the risk of exploitation.