Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5298


Vulnerability Score 5.0 5.0
CVE Id CVE-2012-5298
Last Modified 05 Oct 2012 12:00:00
Published 04 Oct 2012 01:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Mavili Guestbook, as released in November 2007, stores guestbook.mdb under the web root with insufficient access control, which allows remote attackers to read the database via a direct request.

Vulnerable Systems


  • Mavili Guestbook Project Mavili Guestbook -


XF - mavili-guestbook-information-disclosure(72101)

BID - 51252


BUGTRAQ - 20120103 mavili guestbook - SQL Injection and XSS Vulnerabilities

Related Patches

VMware VMSA-2014-0006 VMware Workstation 9.0.4 for Windows (Update) (All Languages) (See Notes) (Rev 2)

Last Updated: 27 May 2016 11:00:52