Dcp-portal@se 6.0 Security Vulnerabilities and Issues — Dcp-portal@se 6.0 CVE List

Lucene search

Codeworx TechnologiesDcp-portalse 6.0

3 matches found

CVE•added 2006/09/15 10:7 p.m.•54 views

CVE-2006-4837

Multiple PHP remote file inclusion vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) library/lib.php and (2) library/editor/editor.php. NOTE: the same primary issue can be used for full path disclosure with an invalid pa...

7.5CVSS8AI score0.0109EPSS

CVE•added 2006/09/15 10:7 p.m.•38 views

CVE-2006-4838

Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) root_url and (2) dcp_version parameters in (a) admin/inc/footer.inc.php, and the root_url, (3) page_top_name, (4) page_name, and (5) page_options parame...

4.3CVSS6AI score0.00302EPSS

CVE•added 2006/09/15 10:7 p.m.•36 views

CVE-2006-4836

SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: The lostpassword.php and calendar.php vectors are already covered by CVE-2005-3365, and the search.php vector is already covered by CVE-2005-4227...

5.1CVSS8.3AI score0.03544EPSS