CVE-2004-2428

Name of the Vulnerable Software and Affected Versions: Abczone.it WWWguestbook version 1.1

Description: The issue allows remote attackers to obtain sensitive information, including plaintext usernames and passwords, due to insufficient access control of the db/dbase.mdb file stored under the web document root.

Recommendations: For version 1.1, restrict access to the db/dbase.mdb file to prevent remote attackers from obtaining sensitive information. Consider relocating the file outside of the web document root or implementing proper access controls to mitigate the risk.