Vulnerabilities > CVE-2006-0358 - Unspecified vulnerability in Powerportal 1.1B/1.3/1.3B
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN powerportal
exploit available
Summary
Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 beta through 1.3, allow remote attackers to execute arbitrary SQL commands via the search parameter in (1) index.php and (2) search.php. NOTE: This issue might overlap CVE-2004-0663.2.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
description PowerPortal 1.1/1.3 search.php search Parameter XSS. CVE-2006-0358. Webapps exploit for php platform id EDB-ID:27103 last seen 2016-02-03 modified 2006-01-17 published 2006-01-17 reporter night_warrior771 source https://www.exploit-db.com/download/27103/ title PowerPortal 1.1/1.3 - search.php search Parameter XSS description PowerPortal 1.1/1.3 index.php search Parameter XSS. CVE-2006-0358. Webapps exploit for php platform id EDB-ID:27102 last seen 2016-02-03 modified 2006-01-17 published 2006-01-17 reporter night_warrior771 source https://www.exploit-db.com/download/27102/ title PowerPortal 1.1/1.3 index.php search Parameter XSS
References
- http://secunia.com/advisories/10172
- http://secunia.com/advisories/10172
- http://web.archive.org/web/20050303003128/http://powerportal.sourceforge.net/
- http://web.archive.org/web/20050303003128/http://powerportal.sourceforge.net/
- http://www.osvdb.org/27957
- http://www.osvdb.org/27957
- http://www.osvdb.org/27958
- http://www.osvdb.org/27958
- http://www.securityfocus.com/archive/1/422151/100/0/threaded
- http://www.securityfocus.com/archive/1/422151/100/0/threaded
- http://www.securityfocus.com/bid/16279
- http://www.securityfocus.com/bid/16279
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24196
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24196