CVEDB API

Vulnerabilities

Vulnerable Software

Iatek: >> Portalapp Security Vulnerabilities

CVE-2005-4482

Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.

CVSS Score

6.8

EPSS Score

0.023

Published

2005-12-22

CVE-2005-0948

SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner_id parameter.

CVSS Score

7.5

EPSS Score

0.012

Published

2005-05-02

CVE-2005-0949

Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote attackers to inject arbitrary web script or HTML via the (1) contenttype or (2) keywords parameter.

CVSS Score

4.3

EPSS Score

0.007

Published

2005-05-02

CVE-2004-1786

PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.

CVSS Score

5.0

EPSS Score

0.034

Published

2004-01-04

CVE-2002-1659

user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable.

CVSS Score

10.0

EPSS Score

0.004

Published

2002-12-31

Page 1

Vulnerabilities

Vulnerable Software

Iatek: >> Portalapp Security Vulnerabilities

Products

Pricing

Contact Us