The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote malicious users to obtain sensitive information via a direct request to database/db2000.mdb.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
maxwebportal maxwebportal 1.30 |