Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 beta up to and including 1.3, allow remote malicious users to execute arbitrary SQL commands via the search parameter in (1) index.php and (2) search.php. NOTE: This issue might overlap CVE-2004-0663.2.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
powerportal powerportal 1.1b |
||
powerportal powerportal 1.3 |
||
powerportal powerportal 1.3b |