Phanatic Softwares Chimera Web Portal vulnerabilities
2 known vulnerabilities affecting phanatic_softwares/chimera_web_portal.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2006-0137P3HIGHCVSS 7.5PoCv0.22006-01-09
CVE-2006-0137 [HIGH] CVE-2006-0137: SQL injection vulnerability in linkcategory.php in Phanatic Softwares Chimera Web Portal System 0.2
SQL injection vulnerability in linkcategory.php in Phanatic Softwares Chimera Web Portal System 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2006-0136P4MEDIUMCVSS 4.3PoCv0.22006-01-09
CVE-2006-0136 [MEDIUM] CVE-2006-0136: Multiple cross-site scripting (XSS) vulnerabilities in the guestbook module in modules.php in Phanat
Multiple cross-site scripting (XSS) vulnerabilities in the guestbook module in modules.php in Phanatic Softwares Chimera Web Portal System 0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) comment_poster, (2) comment_poster_email, (3) comment_poster_homepage, and (4) comment_text parameters.
nvd