Описание
The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.
Ссылки
- Patch
- Exploit
- ExploitPatch
- Patch
- Exploit
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:maxwebportal:maxwebportal:1.30:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.0802
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.
EPSS
Процентиль: 92%
0.0802
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other