Vulnerabilities > Mkportal > Mkportal > 1.1

DATE CVE VULNERABILITY TITLE RISK
2006-12-26 CVE-2006-6741 Cross-Site Request Forgery (CSRF) vulnerability in Mkportal 1.1
Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote attackers to delete arbitrary messages as an administrator via a delete operation in an img BBcode tag.
network
mkportal CWE-352
5.8
5.8
2006-04-27 CVE-2006-2067 Input Validation vulnerability in Mkportal 1.1
SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and earlier, allows remote attackers to execute arbitrary SQL commands via the userid parameter.
network
low complexity
mkportal
7.5
7.5