Shodan
Vulnerabilities
Vulnerable Software
Jportal:  Security Vulnerabilities
CVE-2008-6451
SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2004-2036 or CVE-2005-3509.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-03-13
CVE-2007-5973
SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2007-11-15
CVE-2007-5974
SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2007-11-15
CVE-2007-5912
SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2007-11-10
CVE-2007-0912
Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php.
CVSS Score
9.3
EPSS Score
0.007
Published
2007-02-13
CVE-2005-3509
Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL commands via (1) banner.php or the id parameter to (2) print.php, (3) comment.php, and (4) news.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2005-11-06
CVE-2005-3052
SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the search field to download.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2005-09-24
CVE-2005-1071
SQL injection vulnerability in banner.inc.php in JPortal Web Portal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the haslo parameter.
CVSS Score
7.5
EPSS Score
0.006
Published
2005-04-12
CVE-2004-2036
SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allows remote attackers to inject arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.012
Published
2004-05-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved