Vulnerabilities > Rigter Portal System
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-07 | CVE-2007-1293 | SQL injection vulnerability in Rigter Portal System Rigter Portal System 6.2 SQL injection vulnerability in Rigter Portal System (RPS) 6.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI (index.php), possibly related to ver_descarga.php. network rigter-portal-system | 5.8 |
2007-03-02 | CVE-2006-7085 | Cross-Site Scripting vulnerability in Rigter Portal System 1.0/2.0/3.0 Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to add arbitrary content and conduct XSS attacks via a direct request to add_art.php. network rigter-portal-system | 4.3 |
2007-03-02 | CVE-2006-7083 | Directory Traversal vulnerability in Rigter Portal System 1.0/2.0/3.0 Directory traversal vulnerability in index.php in Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to read arbitrary files via ".." sequences in the id parameter. network rigter-portal-system | 4.3 |
2007-03-02 | CVE-2006-7082 | File-Upload vulnerability in Rigter Portal System 1.0/2.0/3.0 Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to bypass authentication and upload arbitrary files via direct requests to (1) adm/photos/images.php and (2) adm/down/files.php. | 7.5 |