Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mkportal mkportal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6467
SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows remote malicious users to execute arbitrary SQL commands via the ida parameter in a gallery foto_show action.
Mkportal Mkportal 1.1 Rc1
1 EDB exploit
NA
CVE-2007-3813
PHP remote file inclusion vulnerability in include/user.php in the NoBoard BETA module for MKPortal allows remote malicious users to execute arbitrary PHP code via a URL in the MK_PATH parameter.
Mkportal Noboard Module Beta
1 EDB exploit
NA
CVE-2007-3814
Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote malicious users to execute arbitrary SQL commands via (1) the idurlo field in the delete_urlo function in (a) index.php in the urlobox module; the iden field in the (2) update_file and (3) del_file functions in...
Mkportal Mkportal 1.1.1
1 EDB exploit
NA
CVE-2007-3637
SQL injection vulnerability in MKPortal 1.1.1 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka ZD-00000008. this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with ...
Mkportal Mkportal 1.1.1
NA
CVE-2007-0191
Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allows remote malicious users to inject arbitrary web script or HTML via two certain fields in a contents_new operation in the ad_contents section.
Mkportal Mkportal
NA
CVE-2007-0192
Cross-site request forgery (CSRF) vulnerability in the save_main operation in the ad_perms section in admin.php in MKPortal allows remote malicious users to modify privilege settings, as demonstrated using a getURL of admin.php within a .swf file contained in an IFRAME element, a...
Mkportal Mkportal
NA
CVE-2007-0194
admin.php in MKPortal M1.1 RC1 allows remote malicious users to obtain sensitive information via a direct request with an MK_PATH=1 query string, which reveals the path in an error message.
Mkportal Mkportal 1.1 Rc1
NA
CVE-2006-6741
Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote malicious users to delete arbitrary messages as an administrator via a delete operation in an img BBcode tag.
Mkportal Mkportal 1.1
1 EDB exploit
NA
CVE-2006-5139
Unspecified vulnerability in MkPortal allows remote malicious users to corrupt web site content, and possibly have other impact, via a certain long Message that affects "Tables," related to the Urlobox.
Mkportal Mkportal
NA
CVE-2006-4665
Cross-site scripting (XSS) vulnerability in index.php in MKPortal M1.1 Rc1 allows remote malicious users to inject arbitrary web script or HTML via the ind parameter, possibly related to the PHP_SELF variable. NOTE: Some details are obtained from third party information.
Mkportal Mkportal 1.1 Rc1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »