VYPR

WSPortal

by WSPortal

CVEs (2)

  • CVE-2007-3127Jun 19, 2007
    risk 0.03cvss epss 0.03

    content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to obtain sensitive information via a "';" (quote semicolon) sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message.

  • CVE-2007-3128Jun 19, 2007
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter.