CVE-2007-2100

Name of the Vulnerable Software and Affected Versions FAC Guestbook version 2.0

Description The issue allows remote attackers to download a database due to insufficient access control. Sensitive information is stored under the web root, enabling attackers to access the database via a direct request for db/Gdb.mdb.

Recommendations For FAC Guestbook version 2.0, consider restricting access to the db directory to prevent unauthorized downloads of the database file Gdb.mdb until a proper fix is applied.