Vulnerabilities > Mkportal > Mkportal > 1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-26 | CVE-2006-6741 | Cross-Site Request Forgery (CSRF) vulnerability in Mkportal 1.1 Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote attackers to delete arbitrary messages as an administrator via a delete operation in an img BBcode tag. | 5.8 |
2006-04-27 | CVE-2006-2067 | Input Validation vulnerability in Mkportal 1.1 SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and earlier, allows remote attackers to execute arbitrary SQL commands via the userid parameter. | 7.5 |