Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Portalapp Security Vulnerabilities

cve
cve

CVE-2007-3252

PortalApp stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 8691.mdb, a different vector than CVE-2004-1786.

6.3AI Score

0.038EPSS

2007-06-18 10:30 AM
30
cve
cve

CVE-2008-4612

Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp and (2) content.asp.

5.7AI Score

0.003EPSS

2008-10-20 06:14 PM
57
cve
cve

CVE-2008-4613

SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.

8.4AI Score

0.003EPSS

2008-10-20 06:14 PM
30
cve
cve

CVE-2008-4614

PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies.

7AI Score

0.016EPSS

2008-10-20 06:14 PM
33
cve
cve

CVE-2008-4615

Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.

6.6AI Score

0.003EPSS

2008-10-20 06:14 PM
21