Title: HyperBook Guestbook data/gbconfiguration.dat Direct Request Information Disclosure
Feb 28, 2007
HyperBook Guestbook contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when requesting data/gbconfiguration.dat directly, which will disclose the administrator's MD5 password hash to a remote attacker.
Remote / Network Access
Loss of Confidentiality
OSVDB is not currently aware of a solution for this vulnerability.