Published: 06/11/2005 Updated: 08/03/2011

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in JPortal allow remote malicious users to execute arbitrary SQL commands via (1) banner.php or the id parameter to (2) print.php, (3) comment.php, and (4) news.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jportal jportal web portal 2.2.1
jportal jportal web portal 2.3.1

source: wwwsecurityfocuscom/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an att ...

source: wwwsecurityfocuscom/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attac ...

NVD-CWE-Other http://www.security.nnov.ru/Kdocument105.html http://foro.elhacker.net/index.php?topic=93436.0 http://www.securityfocus.com/bid/15324 http://www.vupen.com/english/advisories/2005/2310 https://nvd.nist.gov https://www.exploit-db.com/exploits/26470/

CVE-2005-3509

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect