VYPR

Portailphp

by Portail Web PHP

CVEs (6)

  • CVE-2007-1641Mar 23, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the idnews parameter.

  • CVE-2006-3922Jul 28, 2006
    risk 0.03cvss epss 0.04

    PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter.

  • CVE-2005-2486Aug 7, 2005
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701.

  • CVE-2005-1701May 24, 2005
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules.

  • CVE-2002-2278Dec 31, 2002
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables.

  • CVE-2002-2277Dec 31, 2002
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables.