This is a writeup describing an information disclosure vulnerability in Asp Uguestbook, allowing unauthorized download of the guestbook.mdb database file. The exploit details a direct path traversal to access the database.
Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:Asp Uguestbook (version unspecified)
No auth needed
Prerequisites:Network access to the target server · Knowledge of the Uguestbook installation path