Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mkportal mkportal vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2006-5139
Unspecified vulnerability in MkPortal allows remote malicious users to corrupt web site content, and possibly have other impact, via a certain long Message that affects "Tables," related to the Urlobox.
Mkportal Mkportal
605
VMScore
CVE-2007-0191
Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allows remote malicious users to inject arbitrary web script or HTML via two certain fields in a contents_new operation in the ad_contents section.
Mkportal Mkportal
668
VMScore
CVE-2007-0192
Cross-site request forgery (CSRF) vulnerability in the save_main operation in the ad_perms section in admin.php in MKPortal allows remote malicious users to modify privilege settings, as demonstrated using a getURL of admin.php within a .swf file contained in an IFRAME element, a...
Mkportal Mkportal
755
VMScore
CVE-2006-2067
SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the userid parameter.
Mkportal Mkportal 1.1
1 EDB exploit
668
VMScore
CVE-2006-3554
Directory traversal vulnerability in index.php in MKPortal 1.0.1 Final allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the language cookie, as demonstrated by using a gl_session cookie to inject PHP sequences into th...
Mkportal Mkportal 1.0.1 Final
585
VMScore
CVE-2006-6741
Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote malicious users to delete arbitrary messages as an administrator via a delete operation in an img BBcode tag.
Mkportal Mkportal 1.1
1 EDB exploit
435
VMScore
CVE-2006-2066
Multiple cross-site scripting (XSS) vulnerabilities pm_popup.php in MKPortal 1.1 Rc1 and previous versions, as used with vBulletin 3.5.4 and previous versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) u1, (2) m1, (3) m2, (4) m3, (5) m4 param...
Mkportal Mkportal 1.1 Rc1
1 EDB exploit
755
VMScore
CVE-2007-6467
SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows remote malicious users to execute arbitrary SQL commands via the ida parameter in a gallery foto_show action.
Mkportal Mkportal 1.1 Rc1
1 EDB exploit
694
VMScore
CVE-2007-0194
admin.php in MKPortal M1.1 RC1 allows remote malicious users to obtain sensitive information via a direct request with an MK_PATH=1 query string, which reveals the path in an error message.
Mkportal Mkportal 1.1 Rc1
755
VMScore
CVE-2007-3814
Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote malicious users to execute arbitrary SQL commands via (1) the idurlo field in the delete_urlo function in (a) index.php in the urlobox module; the iden field in the (2) update_file and (3) del_file functions in...
Mkportal Mkportal 1.1.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »