VYPR

Webportal CMS

by Webportal

CVEs (6)

  • CVE-2008-0141HigJan 8, 2008
    risk 0.52cvss 7.5epss 0.04

    actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of day, which makes it easier for remote attackers to obtain access to any account via a lostpass action.

  • CVE-2009-1445Apr 27, 2009
    risk 0.03cvss epss 0.06

    Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta allow remote attackers to (1) read arbitrary files via directory traversal sequences in the lang parameter to libraries/helpdocs/help.php and (2) include and execute arbitrary local files via directory…

  • CVE-2009-1444Apr 27, 2009
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS 0.8-beta allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter.

  • CVE-2008-4345Sep 30, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter.

  • CVE-2008-0142Jan 8, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute arbitrary SQL commands via the user_name parameter to actions.php, and unspecified other vectors.

  • CVE-2007-6664Jan 4, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter.