Unrated severityNVD Advisory· Published Dec 12, 2012· Updated Jun 16, 2026
CVE-2012-4976
CVE-2012-4976
Description
selectawasset.asp in Layton Helpbox 4.4.0 allows remote attackers to discover ODBC database credentials via an element=sys_asset_id request, which is not properly handled during construction of an error page.
Affected products
2cpe:2.3:a:layton_technology:helpbox:4.4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:layton_technology:helpbox:4.4.0:*:*:*:*:*:*:*
- (no CPE)range: 4.4.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.