CVE-2010-0665

Name of the Vulnerable Software and Affected Versions JAG (Just Another Guestbook) version 1.14

Description The issue allows remote attackers to obtain sensitive information due to insufficient access control. Sensitive information is stored under the web root, making it accessible via a direct request for jag/database.sql.

Recommendations For JAG (Just Another Guestbook) version 1.14, consider restricting access to the jag/database.sql file to prevent unauthorized access until a proper fix is available. As a temporary workaround, moving sensitive information outside of the web root or implementing proper access controls can help mitigate the risk.