powerportal powerportal 1.3b vulnerabilities and exploits

(subscribe to this query)

NA

Cross-site scripting (XSS) vulnerability in modules/private_messages/index.php in PowerPortal 1.x allows remote malicious users to inject arbitrary web script or HTML via the (1) SUBJECT or (2) MESSAGE field.

Powerportal Powerportal 1.1b Powerportal Powerportal 1.3 Powerportal Powerportal 1.3b

1 EDB exploit

NA

PowerPortal 1.x allows remote malicious users to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.

Powerportal Powerportal 1.3 Powerportal Powerportal 1.3b Powerportal Powerportal 1.1b

NA

Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote malicious users to list arbitrary directories via a .. (dot dot) in the files parameter.

Powerportal Powerportal 1.3 Powerportal Powerportal 1.3b Powerportal Powerportal 1.1b

1 EDB exploit

NA

Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 beta up to and including 1.3, allow remote malicious users to execute arbitrary SQL commands via the search parameter in (1) index.php and (2) search.php. NOTE: This issue might overlap CVE-2004-0663.2.

Powerportal Powerportal 1.1b Powerportal Powerportal 1.3 Powerportal Powerportal 1.3b

2 EDB exploits

NA

Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote malicious users to inject arbitrary script or HTML via the (1) id parameter to the (a) private_messages module; (2) search parameter to the (b) links and (c) content modules; and (3) files pa...

Powerportal Powerportal 1.1b Powerportal Powerportal 1.3 Powerportal Powerportal 1.3b

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook