VYPR

Jportal

by Jportal

CVEs (6)

  • CVE-2008-6451Mar 13, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2004-2036 or CVE-2005-3509.

  • CVE-2007-5973Nov 15, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.

  • CVE-2007-5974Nov 15, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.

  • CVE-2007-5912Nov 10, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.

  • CVE-2004-2036May 28, 2004
    risk 0.03cvss epss 0.03

    SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allows remote attackers to inject arbitrary SQL commands via the id parameter.

  • CVE-2007-0912Feb 13, 2007
    risk 0.00cvss epss 0.02

    Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php.