cbcvebase.

Portail Web Php vulnerabilities

6 known vulnerabilities affecting portail_web_php/portail_web_php.

Total CVEs
6
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2008-0645P3HIGHCVSS 7.5PoCv2.5.1.12008-02-07
CVE-2008-0645 [HIGH] CWE-94 CVE-2008-0645: Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 allow remote attackers Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) config/conf-activation.php, (2) menu/item.php, and (3) modules/conf_modules.php in admin/system/; and (4) system/login.php. NOTE: the provenance of this information is unknown; the
nvd
CVE-2007-0699P3HIGHCVSS 7.5PoC≤ 2.5.1v0.992007-02-04
CVE-2007-0699 [HIGH] CWE-94 CVE-2007-0699: PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) before 2.5.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter.
nvd
CVE-2008-1068P3MEDIUMCVSS 6.8PoC≤ 2.5.1.12008-02-28
CVE-2008-1068 [MEDIUM] CVE-2008-1068: Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remo Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, different vectors than CVE-2008-0645.
nvd
CVE-2002-2277P4HIGHCVSS 7.5v0.992002-12-31
CVE-2002-2277 [HIGH] CWE-89 CVE-2002-2277: SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to ex SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables.
nvd
CVE-2007-0700P4MEDIUMCVSS 5.0v2.5.1.12007-02-04
CVE-2007-0700 [MEDIUM] CWE-22 CVE-2007-0700: Directory traversal vulnerability in index.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 P Directory traversal vulnerability in index.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this issue was later reported for 2.5.1.1.
nvd
CVE-2002-2278P4MEDIUMCVSS 4.3v0.992002-12-31
CVE-2002-2278 [MEDIUM] CWE-79 CVE-2002-2278: Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote at Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables.
nvd
Portail Web Php vulnerabilities | cvebase