Vendor

Portailphp

Products

CVEs

Across products

Status

Private

Products

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2006-3922	0.04	—	0.10	Jul 28, 2006	PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter.
CVE-2007-1641	0.03	—	0.01	Mar 23, 2007	SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the idnews parameter.
CVE-2005-2486	0.03	—	0.00	Aug 7, 2005	SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701.
CVE-2005-1701	0.03	—	0.00	May 24, 2005	SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules.

CVE-2006-3922Jul 28, 2006
risk 0.04cvss —epss 0.10
PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter.
CVE-2007-1641Mar 23, 2007
risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the idnews parameter.
CVE-2005-2486Aug 7, 2005
risk 0.03cvss —epss 0.00
SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701.
CVE-2005-1701May 24, 2005
risk 0.03cvss —epss 0.00
SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules.