Vulnerabilities > CVE-2004-0272 - Input Validation vulnerability in Maxwebportal 1.30/1.31
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in MaxWebPortal allows remote attackers to inject arbitrary SQL code and gain sensitive information via the SendTo parameter in Personal Messages.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |