Vulnerabilities > Portail WEB PHP
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-02-28 | CVE-2008-1068 | Code Injection vulnerability in Portail web PHP Portail web PHP Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, different vectors than CVE-2008-0645. | 6.8 |
2008-02-07 | CVE-2008-0645 | Code Injection vulnerability in Portail web PHP Portail web PHP 2.5.1.1 Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) config/conf-activation.php, (2) menu/item.php, and (3) modules/conf_modules.php in admin/system/; and (4) system/login.php. | 7.5 |
2007-02-04 | CVE-2007-0700 | Path Traversal vulnerability in Portail web PHP Portail web PHP 2.5.1.1 Directory traversal vulnerability in index.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allows remote attackers to read arbitrary files via a .. | 5.0 |
2007-02-04 | CVE-2007-0699 | Code Injection vulnerability in Portail web PHP Portail web PHP 0.99 PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) before 2.5.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter. | 7.5 |
2002-12-31 | CVE-2002-2278 | Cross-Site Scripting vulnerability in Portail web PHP Portail web PHP 0.99 Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables. | 4.3 |
2002-12-31 | CVE-2002-2277 | SQL Injection vulnerability in Portail web PHP Portail web PHP 0.99 SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables. | 7.5 |