VYPR

Ajaxportal

by Myiosoft

CVEs (5)

  • CVE-2009-1509May 1, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.

  • CVE-2008-5653Dec 17, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third…

  • CVE-2009-2262Jun 30, 2009
    risk 0.00cvss epss 0.01

    PHP remote file inclusion vulnerability in install/di.php in AjaxPortal 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the pathtoserverdata parameter. NOTE: the installation instructions specify deleting the install/ folder.

  • CVE-2006-3666Jul 18, 2006
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in AjaxPortal 3.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the 'Search' field, a different vulnerability than CVE-2006-3515.

  • CVE-2006-3515Jul 11, 2006
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in the loginADP function in ajaxp.php in AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.