Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powerportal powerportal 1.3b vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2514
Cross-site scripting (XSS) vulnerability in modules/private_messages/index.php in PowerPortal 1.x allows remote malicious users to inject arbitrary web script or HTML via the (1) SUBJECT or (2) MESSAGE field.
Powerportal Powerportal 1.1b
Powerportal Powerportal 1.3
Powerportal Powerportal 1.3b
1 EDB exploit
NA
CVE-2004-0662
PowerPortal 1.x allows remote malicious users to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.
Powerportal Powerportal 1.3
Powerportal Powerportal 1.3b
Powerportal Powerportal 1.1b
NA
CVE-2004-0664
Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote malicious users to list arbitrary directories via a .. (dot dot) in the files parameter.
Powerportal Powerportal 1.3
Powerportal Powerportal 1.3b
Powerportal Powerportal 1.1b
1 EDB exploit
NA
CVE-2006-0358
Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 beta up to and including 1.3, allow remote malicious users to execute arbitrary SQL commands via the search parameter in (1) index.php and (2) search.php. NOTE: This issue might overlap CVE-2004-0663.2.
Powerportal Powerportal 1.1b
Powerportal Powerportal 1.3
Powerportal Powerportal 1.3b
2 EDB exploits
NA
CVE-2004-0663
Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote malicious users to inject arbitrary script or HTML via the (1) id parameter to the (a) private_messages module; (2) search parameter to the (b) links and (c) content modules; and (3) files pa...
Powerportal Powerportal 1.1b
Powerportal Powerportal 1.3
Powerportal Powerportal 1.3b
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started