Vulnerabilities > CVE-2003-1213 - Unspecified vulnerability in Maxwebportal 1.30
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN maxwebportal
exploit available
Summary
The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | MaxWebPortal 1.30 Remote Database Disclosure. CVE-2003-1213. Webapps exploit for asp platform |
| id | EDB-ID:22747 |
| last seen | 2016-02-02 |
| modified | 2003-06-06 |
| published | 2003-06-06 |
| reporter | JeiAr |
| source | https://www.exploit-db.com/download/22747/ |
| title | MaxWebPortal 1.30 - Remote Database Disclosure |
References
- http://archives.neohapsis.com/archives/bugtraq/2003-06/0048.html
- http://archives.neohapsis.com/archives/bugtraq/2003-06/0048.html
- http://secunia.com/advisories/8979
- http://secunia.com/advisories/8979
- http://www.securityfocus.com/bid/7837
- http://www.securityfocus.com/bid/7837
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12279
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12279