PortailPHP 2 mod_search/index.php chemin Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/22381/info PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute arbitrary...

PortailPHP 2.0 - 'mod_search' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28867/info PortailPHP is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PH...

CVE-2002-2277

PortailPHP 0.99 contains an SQL injection in mod_search/index.php. The vulnerability allows remote attackers to inject SQL via (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin, potentially affecting confidentiality, integrity, and availability as i...

CVE-2002-2278

Cross-site scripting XSS vulnerability in modsearch/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the 1 $AppTheme, 2 $RubSearch, 3 $RubNews, 4 $RubFile, 5 $RubLiens, or 6 $RubFaq variables...

CVE-2002-2277

SQL injection vulnerability in modsearch/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the 1 $rech, 2 $BDTabdocs, 3 $BDTabfile, 4 $BDTabliens, 5 $BDTabfaq, or 6 $chemin variables...

CVE-2002-2278

CVE-2002-2278 is a cross-site scripting (XSS) vulnerability in PortailPHP 0.99, specifically in mod_search/index.php. The issue arises from injecting arbitrary web script or HTML via six user-controllable variables: $App_Theme, $Rub_Search, $Rub_News, $Rub_File, $Rub_Liens, and $Rub_Faq. The prov...