selectawasset.asp in Layton Helpbox 4.4.0 allows remote malicious users to discover ODBC database credentials via an element=sys_asset_id request, which is not properly handled during construction of an error page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
layton technology helpbox 4.4.0 |