[VIM] MaxWebPortal acknowledgement - but for what?

Steven M. Christey coley at mitre.org
Fri May 13 22:15:14 EDT 2005

from http://www.maxwebportal.com/announcements.asp#48

"MaxWebPortal Version 1.36

MaxWebPortal Version 1.36 - Keeping MaxWebPortal Secure

All security fixes have been thoroughly tested in all supported
operating systems and databases...  Special thanks to Zinho from
SecurityForge for auditing the source code.  Thanks to mAtrix for
fixing the injection bugs and to all who participated in testing."

The announcement isn't dated, and their forums are currently down, and
they have other recent vuln's announced.  So at this instant it's not
clear whether they're talking about these issues:

  BUGTRAQ:20050511 [HSC Security Group] MaxWebPortal - Multiple SQL

... or some other set of issues.

Can't find an email POC, either...

- Steve

More information about the VIM mailing list