SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2004-2036 or CVE-2005-3509.
Max CVSS
7.5
EPSS Score
0.07%
Published
2009-03-13
Updated
2017-09-29
SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2007-11-15
Updated
2017-09-29
SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2007-11-15
Updated
2017-09-29
SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2007-11-10
Updated
2017-09-29
Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php.
Max CVSS
9.3
EPSS Score
1.10%
Published
2007-02-13
Updated
2018-10-16
Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL commands via (1) banner.php or the id parameter to (2) print.php, (3) comment.php, and (4) news.php.
Max CVSS
7.5
EPSS Score
0.26%
Published
2005-11-06
Updated
2011-03-08
SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allows remote attackers to inject arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.97%
Published
2004-05-28
Updated
2017-07-11
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!