3 matches found
Improper access control
PortalApp stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 8691.mdb, a different vector than CVE-2004-1786...
CVE-2004-1786
CVE-2004-1786 affects PortalApp and stems from insufficient access control that places user credentials under the web root. The vulnerability enables remote attackers to access sensitive information by directly requesting 8275.mdb. Connected sources confirm this exposure but do not document a pat...
CVE-2004-1786
PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb...