CVE-2008-5852

Name of the Vulnerable Software and Affected Versions Emefa Guestbook version 3.0

Description The issue allows remote attackers to download the database file via a direct request for guestbook.mdb due to insufficient access control. This is because sensitive information is stored under the web root.

Recommendations For Emefa Guestbook version 3.0, consider restricting access to the guestbook.mdb file until a proper fix is available. As a temporary workaround, moving the database file outside of the web root or implementing proper access controls can help mitigate the risk of exploitation.