Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6008


Vulnerability Score 5.0 5.0
CVE Id CVE-2008-6008
Last Modified 30 Jan 2009 12:00:00
Published 30 Jan 2009 01:30:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



hyBook Guestbook Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for hyBook.mdb.

Vulnerable Systems


  • Herongyang Hybook Nil


XF - hybook-guestbook-hybook-info-disclosure(45513)

BUGTRAQ - 20080927 hyBook Remote Password Disclouse Vulnerability

SECUNIA - 32079

Last Updated: 27 May 2016 10:49:02