17 matches found
CVE-2018-10297
Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp∾=article URI, related to mishandling of IMG elements associated with remote images...
EUVD-2018-2371
Malware in sbrugna...
EUVD-2008-3059
Malware in sbrugna...
EUVD-2025-28728
Malicious code in bioql PyPI...
Simple Pizza Ordering System portal.php File SQL Injection Vulnerability
Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /portal.php. An attacker can exploit this vulnerability...
CVE-2025-6360
A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /portal.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2025-6360 code-projects Simple Pizza Ordering System portal.php sql injection
A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /portal.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2025-6360
CVE-2025-6360 affects Simple Pizza Ordering System v1.0, with a SQL injection in portal.php caused by unsafely handling the ID parameter. The vulnerability can be exploited remotely; multiple connected sources (CNVD, CNNVD, Red Hat, CVE lists, and PT-Security) report it and note public disclosure...
CVE-2024-5117
A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. This affects an unknown part of the file portal.php. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit...
Cross site scripting
Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp&ac=article URI, related to mishandling of IMG elements associated with remote images...
CVE-2018-10297
CVE-2018-10297 affects Discuz! DiscuzX through X3.4. The vulnerability is a stored XSS via the URL portal.php?mod=portalcp&ac=article, caused by mishandling of IMG elements linked to remote images. Multiple connected sources (NVD, Red Hat, CNVD, CVE records) report the same issue across Discuz! D...
CVE-2018-10297
Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp&ac=article URI, related to mishandling of IMG elements associated with remote images...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in MyBB before 1.2.13 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 portal.php and 2 inc/functionspost.php...
CVE-2008-3069
Multiple cross-site scripting XSS vulnerabilities in MyBB before 1.2.13 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 portal.php and 2 inc/functionspost.php...
CVE-2007-0684
The CVE-2007-0684 entry describes a PHP remote file inclusion vulnerability in portal.php of Cerulean Portal System 0.7b. It allows an attacker to execute arbitrary PHP code by supplying a URL in the phpbb_root_path parameter. The affected component is Cerulean Portal System 0.7b, with portal.php...
vBulletin 3.0.10 - Portal.php SQL Injection
vBulletin 3.0.10 - Portal.php SQL Injection source: https://www.securityfocus.com/bid/18197/info vBulletin is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
PHPBB2 Plus 1.5 - 'Portal.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13151/info phpBB2 Plus is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute...