CVE-2008-3213

The provided connected documents confirm a SQL injection vulnerability in WebCMS Portal Edition specifically in secciones/tablon/tablon.php, exploitable via the id parameter passed to portal/index.php in a tablon action. The root cause is unsanitized input leading to arbitrary SQL execution. Repo...

CVE-2008-4186

The CVE-2008-4186 entry refers to a vulnerability in the webCMS Portal Edition where the issue is caused by an SQL injection in the file index.php via the parameter id_doc . The vulnerability allows remote attackers to execute arbitrary SQL commands. The root cause and affected component are docu...

CVE-2008-4185

CVE-2008-4185 and related entry describe an SQL injection in WebCMS Portal Edition. The flaw affects the application’s handling of the id parameter in documents actions, enabling remote attackers to execute arbitrary SQL commands. The cited paths vary by entry (index.php in the WebCMS Portal Edit...

CVE-2008-4184

The CVE affects webCMS Portal Edition, via an XSS in index.php that allows remote injection of arbitrary script/HTML through the patron parameter. Root cause is improper handling of input in index.php enabling reflected/stored XSS as described in CVE-2008-4184 and corroborated by NVD references. ...