EUVD-2006-6918

Malware in sbrugna...

EUVD-2006-6917

Malware in sbrugna...

Portix-PHP 2-0.3.2 Portal Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18227/info Portix-PHP is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Portix-PHP 0.4 Index.PHP Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4038/info Portix-PHP is freely available web portal software. It is written in PHP and will run on most Unix and Linux variants. Portix-PHP is prone to directory traversal attacks. The script index.php does not sufficient...

Portix-PHP 0.4 View.PHP Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4039/info Portix-PHP is freely available web portal software. It is written in PHP and will run on most Unix and Linux variants. Portix-PHP is prone to directory traversal attacks. The script view.php does not sufficientl...

Portix-PHP 0.4 Cookie Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4041/info Portix-PHP is freely available web portal software. It is written in PHP and will run on most Unix and Linux variants. Portix-PHP uses non-expiring cookies for session management. It is possible for a malicious...

Portix-PHP 0.4.2 - Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20974/info Portix-PHP is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker...

CVE-2006-6935

SQL injection vulnerability in the login component in Portix-PHP 0.4.2 allows remote attackers to execute arbitrary SQL commands via the username and passwd password fields...

CVE-2006-6934

Multiple cross-site scripting XSS vulnerabilities in Portix-PHP 0.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 titre or 2 auteur field in a forum post...

CVE-2006-6934

Multiple cross-site scripting XSS vulnerabilities in Portix-PHP 0.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 titre or 2 auteur field in a forum post...

CVE-2006-6935

Portix-PHP 0.4.2 is affected by an SQL injection in the login component, exploitable via the username and passwd fields, allowing remote attackers to execute arbitrary SQL commands. The issue is tied to Portix-PHP version 0.4.2 and is addressed by updating to a fixed version (per PT-2007-1215 rec...

CVE-2006-6935

SQL injection vulnerability in the login component in Portix-PHP 0.4.2 allows remote attackers to execute arbitrary SQL commands via the username and passwd password fields...

CVE-2006-6934

CVE-2006-6934 concerns Portix-PHP 0.4.2. The vulnerability is an XSS flaw in the forum post input: the fields Titre and Auteur can be crafted to inject arbitrary web script or HTML. The connected PT-2007-1214 document confirms the affected version and states the issue arises from user-supplied in...

PT-2007-1214 · Portix · Portix-Php

Name of the Vulnerable Software and Affected Versions: Portix-PHP version 0.4.2 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the titre or auteur field in a forum post, potentially leading to cross-site scripting XSS attacks. Recommendations: For...

PT-2007-1215 · Portix · Portix-Php

Name of the Vulnerable Software and Affected Versions: Portix-PHP version 0.4.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via the username and passwd fields in the login component. Recommendations: For Portix-PHP version 0.4.2, update to a version that fixes...

portixSQL.txt

product:Portix-PHP vendor site :http://portix2.be risk : medium log with : username: 'or''=' passwd : 'or''=' xss post on the forum , vulnerable fields : titre auteur laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: [email protected]...

Portix-PHP [login bypass & xss (post)]

product:Portix-PHP vendor site :http://portix2.be risk : medium log with : username: 'or''=' passwd : 'or''=' xss post on the forum , vulnerable fields : titre auteur laurent gaffiй & benjamin mossй http://s-a-p.ca/ contact: [email protected]...

Portix-PHP 0.4.2 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/20974/info Portix-PHP is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application,...

Portix-PHP 0.4.2 - Multiple SQL Injections

Portix-PHP 0.4.2 - Multiple SQL Injections source: https://www.securityfocus.com/bid/20974/info Portix-PHP is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...

Portix-PHP 2-0.3.2 Portal - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/18227/info Portix-PHP is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in...