Vulnerabilities > CVE-2004-1786 - Unspecified vulnerability in Iatek Portalapp

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

iatek

exploit available

NVD

Published: 2004-01-04

Updated: 2024-11-20

Summary

PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.

Vulnerable Configurations

Part	Description	Count
Application	Iatek Iatek Portalapp *	1

Exploit-Db

description	ASPApp PortalAPP 0 Remote User Database Access Vulnerability. CVE-2004-1786. Webapps exploit for asp platform
id	EDB-ID:23515
last seen	2016-02-02
modified	2004-01-04
published	2004-01-04
reporter	newbie6290
source	https://www.exploit-db.com/download/23515/
title	ASPApp PortalAPP - Remote User Database Access Vulnerability

References

http://securitytracker.com/id?1008627
http://securitytracker.com/id?1008627
http://www.securityfocus.com/bid/9354
http://www.securityfocus.com/bid/9354
https://exchange.xforce.ibmcloud.com/vulnerabilities/14169
https://exchange.xforce.ibmcloud.com/vulnerabilities/14169