RSS   Vulnerabilities for 'Webportal cms'   RSS

2009-04-27
 
CVE-2009-1444

CWE-94
 

 
PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS 0.8-beta allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter.

 
2008-09-30
 
CVE-2008-4345

CWE-89
 

 
SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter.

 
2008-01-08
 
CVE-2008-0142

 

 
Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute arbitrary SQL commands via the user_name parameter to actions.php, and unspecified other vectors.

 
 
CVE-2008-0141

 

 
actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of day, which makes it easier for remote attackers to obtain access to any account via a lostpass action.

 
2008-01-04
 
CVE-2007-6664

 

 
SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top