Protector System: Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in blocker_query.php in Protector System 1.15b1 allows remote attackers to inject arbitrary web script or HTML via the (1) target or (2) portNum parameters.
CVSS Score
4.3
EPSS Score
0.032
Published
2004-12-31
SQL injection vulnerability in index.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection filters by using "/**/" sequences in the targeted fields.
CVSS Score
7.5
EPSS Score
0.004
Published
2004-12-31
blocker_query.php in Protector System 1.15b1 for PHP-Nuke allows remote attackers to gain sensitive information via a string in the portNum parameter, which reveals the full path in an error message.
CVSS Score
5.0
EPSS Score
0.006
Published
2004-04-23
blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded "'" characters ("%27").
CVSS Score
7.5
EPSS Score
0.003
Published
2004-04-23