SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby...
8.7AI Score
0.008EPSS
PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and...
7.8AI Score
0.016EPSS
Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack...
7.4AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp and (2)...
5.9AI Score
0.003EPSS
PortalApp stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 8691.mdb, a different vector than...
6.6AI Score
0.006EPSS
Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page...
6.3AI Score
0.009EPSS
SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner_id...
8.7AI Score
0.003EPSS
Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote attackers to inject arbitrary web script or HTML via the (1) contenttype or (2) keywords...
5.9AI Score
0.005EPSS
PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to...
6.8AI Score
0.038EPSS
user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id...
7.3AI Score
0.002EPSS