CVE-2003-1213 Information

Description

The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.

Reference

http://archives.neohapsis.com/archives/bugtraq/2003-06/0048.html http://secunia.com/advisories/8979 http://www.securityfocus.com/bid/7837 https://exchange.xforce.ibmcloud.com/vulnerabilities/12279