Vulnerabilities > CVE-2004-2036 - SQL Injection vulnerability in Jportal web Portal 2.2.1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

jportal

nessus

exploit available

NVD

Published: 2004-05-28

Updated: 2017-07-11

Summary

SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allows remote attackers to inject arbitrary SQL commands via the id parameter.

Vulnerable Configurations

Part	Description	Count
Application	Jportal Jportal Jportal WEB Portal 2.2.1	1

Exploit-Db

description	JPortal 2.2.1 Print.php SQL Injection Vulnerability. CVE-2004-2036. Webapps exploit for php platform
id	EDB-ID:24151
last seen	2016-02-02
modified	2004-05-28
published	2004-05-28
reporter	Maciek Wierciski
source	https://www.exploit-db.com/download/24151/
title	JPortal 2.2.1 Print.php SQL Injection Vulnerability

Nessus

NASL family	CGI abuses
NASL id	JPORTAL_SQL_INJECTION.NASL
description	The remote host appears to be running the jPortal CGI suite. There is a SQL injection vulnerability in the
last seen	2020-06-01
modified	2020-06-02
plugin id	12256
published	2004-05-29
reporter	This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/12256
title	jPortal print.inc.php id Parameter SQL Injection

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References