VYPR

Portail Web PHP

by Portail Web PHP

CVEs (6)

  • CVE-2008-0645Feb 7, 2008
    risk 0.06cvss epss 0.34

    Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) config/conf-activation.php, (2) menu/item.php, and (3) modules/conf_modules.php in admin/system/; and…

  • CVE-2008-1068Feb 28, 2008
    risk 0.03cvss epss 0.02

    Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, different vectors…

  • CVE-2007-0699Feb 4, 2007
    risk 0.03cvss epss 0.03

    PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) before 2.5.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter.

  • CVE-2007-0700Feb 4, 2007
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in index.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this issue was later reported for 2.5.1.1.

  • CVE-2002-2278Dec 31, 2002
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables.

  • CVE-2002-2277Dec 31, 2002
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables.