3 matches found
CVE-2008-6715
Pre ADS Portal 2.0 and earlier are affected by cross-site scripting (XSS) vulnerabilities. The CVE describes XSS via the msg parameter to two admin pages: homeadmin/adminhome.php and homeadmin/signinform.php. The vulnerable component is the web front-end; root cause is unsanitized input in the ms...
CVE-2008-6716
CVE-2008-6716 affects the Pre ADS Portal up to version 2.0. The vulnerability is that homeadmin/adminhome.php does not require administrative authentication, allowing remote attackers to cause an unspecified impact via a direct request. The NVD records a high impact (CVSS v2.0 base score 7.5) wit...
CVE-2008-2916
CVE-2008-2916 describes multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier. The issue allows remote attackers to execute arbitrary SQL commands through user-supplied input: the cid parameter to showcategory.php and the id parameter to software-description.php, in environment...