2 matches found
Sql injection
SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2004-2036 or CVE-2005-3509...
CVE-2004-2036
CVE-2004-2036 concerns a SQL injection in the jPortal CGI/print.inc.php path. The vulnerability exists in the art_print function (print.inc.php) across unknown jPortal versions prior to 2.3.1, allowing remote attackers to inject arbitrary SQL via the id parameter. Public references (NVD/NIST, CVE...