Vulnerabilities > CVE-2003-1213 - Unspecified vulnerability in Maxwebportal 1.30

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
maxwebportal
exploit available

Summary

The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.

Vulnerable Configurations

Part Description Count
Application
Maxwebportal
1

Exploit-Db

descriptionMaxWebPortal 1.30 Remote Database Disclosure. CVE-2003-1213. Webapps exploit for asp platform
idEDB-ID:22747
last seen2016-02-02
modified2003-06-06
published2003-06-06
reporterJeiAr
sourcehttps://www.exploit-db.com/download/22747/
titleMaxWebPortal 1.30 - Remote Database Disclosure