Vulnerabilities > CVE-2003-1213 - Unspecified vulnerability in Maxwebportal 1.30

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

maxwebportal

exploit available

NVD

Published: 2003-12-31

Updated: 2017-07-11

Summary

The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.

Vulnerable Configurations

Part	Description	Count
Application	Maxwebportal Maxwebportal Maxwebportal 1.30	1

Exploit-Db

description	MaxWebPortal 1.30 Remote Database Disclosure. CVE-2003-1213. Webapps exploit for asp platform
id	EDB-ID:22747
last seen	2016-02-02
modified	2003-06-06
published	2003-06-06
reporter	JeiAr
source	https://www.exploit-db.com/download/22747/
title	MaxWebPortal 1.30 - Remote Database Disclosure

Summary

Vulnerable Configurations

Exploit-Db

References