CVE-2004-1788
ASP-Nuke 1.3 - Information Disclosure via Direct Request to main.mdb
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-1788. PoCs published by Vietnamese Security Group.
AI-analyzed exploit summary This entry describes an information disclosure vulnerability in ASP-Nuke where the database file (main.mdb) is accessible without authentication, allowing attackers to retrieve sensitive user credentials. The provided URL is a generic example of the vulnerable path.
Description
ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb.
Exploits (1)
This entry describes an information disclosure vulnerability in ASP-Nuke where the database file (main.mdb) is accessible without authentication, allowing attackers to retrieve sensitive user credentials. The provided URL is a generic example of the vulnerable path.