CVE-2006-4578

Name of the Vulnerable Software and Affected Versions The Address Book version 1.04e

Description The issue allows remote attackers to obtain sensitive information by accessing a publicly accessible file that contains username and password hash information. This occurs when the export.php file dumps the MySQL database contents.

Recommendations For version 1.04e, consider restricting access to the export.php file to prevent remote attackers from obtaining sensitive information. As a temporary workaround, avoid using the export functionality until a fix is available.