Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mkportal vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-0191
Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allows remote malicious users to inject arbitrary web script or HTML via two certain fields in a contents_new operation in the ad_contents section.
Mkportal Mkportal
7.5
CVSSv2
CVE-2007-0192
Cross-site request forgery (CSRF) vulnerability in the save_main operation in the ad_perms section in admin.php in MKPortal allows remote malicious users to modify privilege settings, as demonstrated using a getURL of admin.php within a .swf file contained in an IFRAME element, a...
Mkportal Mkportal
5
CVSSv2
CVE-2006-5139
Unspecified vulnerability in MkPortal allows remote malicious users to corrupt web site content, and possibly have other impact, via a certain long Message that affects "Tables," related to the Urlobox.
Mkportal Mkportal
7.8
CVSSv2
CVE-2007-0194
admin.php in MKPortal M1.1 RC1 allows remote malicious users to obtain sensitive information via a direct request with an MK_PATH=1 query string, which reveals the path in an error message.
Mkportal Mkportal 1.1 Rc1
4.3
CVSSv2
CVE-2006-4665
Cross-site scripting (XSS) vulnerability in index.php in MKPortal M1.1 Rc1 allows remote malicious users to inject arbitrary web script or HTML via the ind parameter, possibly related to the PHP_SELF variable. NOTE: Some details are obtained from third party information.
Mkportal Mkportal 1.1 Rc1
7.5
CVSSv2
CVE-2007-6467
SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows remote malicious users to execute arbitrary SQL commands via the ida parameter in a gallery foto_show action.
Mkportal Mkportal 1.1 Rc1
1 EDB exploit
5.8
CVSSv2
CVE-2006-6741
Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote malicious users to delete arbitrary messages as an administrator via a delete operation in an img BBcode tag.
Mkportal Mkportal 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-2067
SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the userid parameter.
Mkportal Mkportal 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-3637
SQL injection vulnerability in MKPortal 1.1.1 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka ZD-00000008. this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with ...
Mkportal Mkportal 1.1.1
7.5
CVSSv2
CVE-2007-3814
Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote malicious users to execute arbitrary SQL commands via (1) the idurlo field in the delete_urlo function in (a) index.php in the urlobox module; the iden field in the (2) update_file and (3) del_file functions in...
Mkportal Mkportal 1.1.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »