Portailphp
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-1641 | 0.03 | — | 0.01 | Mar 23, 2007 | SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the idnews parameter. | |||
| CVE-2006-3922 | 0.03 | — | 0.04 | Jul 28, 2006 | PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. | |||
| CVE-2005-2486 | 0.03 | — | 0.01 | Aug 7, 2005 | SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701. | |||
| CVE-2005-1701 | 0.03 | — | 0.01 | May 24, 2005 | SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules. | |||
| CVE-2002-2278 | 0.00 | — | 0.01 | Dec 31, 2002 | Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables. | |||
| CVE-2002-2277 | 0.00 | — | 0.01 | Dec 31, 2002 | SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables. |
- CVE-2007-1641Mar 23, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the idnews parameter.
- CVE-2006-3922Jul 28, 2006risk 0.03cvss —epss 0.04
PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter.
- CVE-2005-2486Aug 7, 2005risk 0.03cvss —epss 0.01
SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701.
- CVE-2005-1701May 24, 2005risk 0.03cvss —epss 0.01
SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules.
- CVE-2002-2278Dec 31, 2002risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables.
- CVE-2002-2277Dec 31, 2002risk 0.00cvss —epss 0.01
SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables.