Jportal
by Jportal
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-6451 | 0.03 | — | 0.01 | Mar 13, 2009 | SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2004-2036 or CVE-2005-3509. | |||
| CVE-2007-5973 | 0.03 | — | 0.01 | Nov 15, 2007 | SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter. | |||
| CVE-2007-5974 | 0.03 | — | 0.01 | Nov 15, 2007 | SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter. | |||
| CVE-2007-5912 | 0.03 | — | 0.01 | Nov 10, 2007 | SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter. | |||
| CVE-2004-2036 | 0.03 | — | 0.03 | May 28, 2004 | SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allows remote attackers to inject arbitrary SQL commands via the id parameter. | |||
| CVE-2007-0912 | 0.00 | — | 0.02 | Feb 13, 2007 | Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php. |
- CVE-2008-6451Mar 13, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2004-2036 or CVE-2005-3509.
- CVE-2007-5973Nov 15, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.
- CVE-2007-5974Nov 15, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
- CVE-2007-5912Nov 10, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
- CVE-2004-2036May 28, 2004risk 0.03cvss —epss 0.03
SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allows remote attackers to inject arbitrary SQL commands via the id parameter.
- CVE-2007-0912Feb 13, 2007risk 0.00cvss —epss 0.02
Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php.