3 matches found
CVE-2006-0220
Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3 through 6.1.1 allow remote attackers to inject arbitrary web script or HTML via 1 the day parameter in calendar.php and 2 the input form in search.php. NOTE: the provenance of this information is unknown; the details are obtained...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3 through 6.1.1 allow remote attackers to inject arbitrary web script or HTML via 1 the day parameter in calendar.php and 2 the input form in search.php. NOTE: the provenance of this information is unknown; the details are obtained...
CVE-2005-4227
CVE-2005-4227 affects DCP-Portal 6.1.1 with multiple potential SQL injection vectors. The vulnerability list covers parameters in advertiser.php, announcement.php, calendar.php, contents.php, forums.php, go.php, golink.php, inbox.php, index.php, informer.php, news.php, rate.php, search.php, and u...