VYPR

Miniportail

by Miniportail

CVEs (3)

  • CVE-2008-6168Feb 19, 2009
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified argument, probably the search string.

  • CVE-2008-6167Feb 19, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lng parameter.

  • CVE-2003-0272May 27, 2003
    risk 0.00cvss epss 0.02

    admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the miniPortailAdmin cookie to an "adminok" value.