PortalApp 4.0 - SQL Injection / Cross-Site Scripting / Authentication Bypass

Title: PortalApp 4.0 Multiple vulnerabilities Discovered By: r3dm0v3 http://r3dm0v3.persianblog.ir r3dm0v3 4t yahoodotcom Tehran - Iran Vendor: http://www.portalapp.com Vulnerable Version: 4.0, prior versions maybe vulnerable Remote Exploit: Yes Dork: "Copyright @2007 Iatek LLC" Fix: Not Availabl...