CVE-2005-4880: Jax Guestbook 3.1 and 3.31 stores sensitive information under the web root with insufficient access control, which allow

Jax Guestbook versions 3.1 and 3.31 store sensitive user information, like IP addresses, in directories accessible to the web (the folder a website serves files from), with weak access controls that allow anyone on the internet to view it by directly requesting certain files. Remote attackers can obtain user IP addresses by requesting files like guestbook, guestbook_ips2block, ips2block, and formmailer/logfile.csv.