Vulnerabilities > Arab Portal > Arab Portal > 2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-30 | CVE-2006-1504 | Cross-Site Scripting vulnerability in Arab Portal Arab Portal 2.0 Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in (1) online.php and (2) download.php. | 5.1 |
2005-08-10 | CVE-2005-2546 | Information Disclosure vulnerability in Arab Portal Arab Portal 2.0 Arab Portal 2.0 allows remote attackers to obtain sensitive information via a long (1) username or (2) password, which reveals the path in an error message when the undefined "errmsg" function is called. | 5.0 |