5 matches found
EUVD-2004-2503
Malware in sbrugna...
DCP-Portal 3.74.x5.x - announcement.php?cid Cross-Site Scripting
DCP-Portal 3.74.x5.x - announcement.php?cid Cross-Site Scripting source: https://www.securityfocus.com/bid/11338/info DCP-Portal is reported prone to multiple cross-site scripting vulnerabilities. It is reported that DCP-Portal does not sufficiently filter URI parameters supplied to several...
DCP-Portal 3.74.x5.x - news.php?cid Cross-Site Scripting
DCP-Portal 3.74.x5.x - news.php?cid Cross-Site Scripting source: https://www.securityfocus.com/bid/11338/info DCP-Portal is reported prone to multiple cross-site scripting vulnerabilities. It is reported that DCP-Portal does not sufficiently filter URI parameters supplied to several scripts...
DCP-Portal 5.5 - advertiser.php?Password SQL Injection
DCP-Portal 5.5 - advertiser.php?Password SQL Injection source: https://www.securityfocus.com/bid/8739/info Multiple SQL Injection vulnerabilities have been discovered that affect DCP-Portal scripts. These issues are likely due to a lack of sufficient sanitization performed on user supplied URI...
dcpportal.txt
From: Lifo Fifo To: [email protected] Subject: DCP Portal - 5.5 holes Never use this product if you have turned off magicquotesgpc. And this product won't work anyway if you have turned off registerglobals. All the files in the product, dont check for integrity of variables. You can easil...