Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.
Max CVSS
6.8
EPSS Score
0.95%
Published
2005-12-22
Updated
2013-07-18
SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner_id parameter.
Max CVSS
7.5
EPSS Score
0.28%
Published
2005-05-02
Updated
2017-07-11
PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.
Max CVSS
5.0
EPSS Score
3.80%
Published
2004-01-04
Updated
2017-07-11
user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable.
Max CVSS
10.0
EPSS Score
0.17%
Published
2002-12-31
Updated
2017-07-11
4 vulnerabilities found