Summary
| Detail | |||
|---|---|---|---|
| Vendor | Portailphp | First view | 2005-05-24 |
| Product | Portailphp | Last view | 2007-03-23 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:portailphp:portailphp:1.3:*:*:*:*:*:*:* | 2 |
| cpe:2.3:a:portailphp:portailphp:2.4:*:*:*:*:*:*:* | 1 |
| cpe:2.3:a:portailphp:portailphp:2.0:*:*:*:*:*:*:* | 1 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2007-03-23 | CVE-2007-1641 | SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the idnews parameter. |
| 7.5 | 2006-07-28 | CVE-2006-3922 | PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. |
| 7.5 | 2005-08-07 | CVE-2005-2486 | SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701. |
| 7.5 | 2005-05-24 | CVE-2005-1701 | SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules. |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 34410 | PortailPhp index.php idnews Parameter SQL Injection |
| 27591 | PortailPhp inscription.php chemin Parameter Remote File Inclusion |
| 18685 | PortailPhp mod_forum/read_message.php id Parameter SQL Injection |
| 16777 | PortailPhp index.php id Parameter SQL Injection |
