RSS   Vulnerabilities for 'Portalapp'   RSS

2005-12-22
 
CVE-2005-4482

 

 
Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.

 
2005-05-02
 
CVE-2005-0949

 

 
Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote attackers to inject arbitrary web script or HTML via the (1) contenttype or (2) keywords parameter.

 
 
CVE-2005-0948

 

 
SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner_id parameter.

 
2004-01-04
 
CVE-2004-1786

 

 
PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.

 
2002-12-31
 
CVE-2002-1659

 

 
user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable.

 

 >>> Vendor: Iatek 5 Products
Portalapp
Siteenable
Intranetapp
Projectapp
Aspapp


Copyright 2019, cxsecurity.com

 

Back to Top