Jobs Portal version 3.0 suffers from remote SQL injection and cross site scripting vulnerabilities.
a99fcd0bd41bc6f9abd28a43cd0fd0e0ed3f34ede832e0246bf2c24b0f585df8Liferay Portal suffers from a takeover vulnerability due to a single HTTP request allowing an attacker to reconfigure which memcached to use. Proof of concept code included. Version 6.1 ce is confirmed vulnerable.
52363e44fb0da67d9da2ef19c482ca115b0e60ea50da8776e953b5d028b5ea91PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
4f8b4518e51638a4a7ae0c0c2a4a8d382eca998798bac68923b88a5731cfb863Hotel Booking Portal version 0.1 suffers from a remote SQL injection vulnerability.
e5bd761b6b77d6401e0829fb292820e953061861cf27bd9e56a3a7e67b73d807WebPortal CMS Beta suffers from a shell upload vulnerability.
0a16776905892f9932c6a81532948beda759b23fb0a1ebd44a1a250d6589aa23Secunia Security Advisory - High-Tech Bridge SA has reported multiple vulnerabilities in ocPortal, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.
d542eb796aac0fe41bbbd2adf0f9a1c05f3bad363e7aca7683728d2be595ed13Secunia Security Advisory - A vulnerability has been reported in Proficy Real-Time Information Portal, which can be exploited by malicious people to manipulate certain data.
b2ef76f7aacc74d5255265caa2c4d5132cc3ba7b56fe43a98e8164b52f199f88Saman Portal suffers from a local file inclusion vulnerability.
2632eee686a4e9351a65cadbb8a788712e659de6696e09063c84ee4776c0a097Saman Portal suffers from a local file inclusion vulnerability.
f245aeea6b3f77592cd6dfc9450697947d068c975c0e07a0e1db15820a8fbdafSecunia Security Advisory - A vulnerability has been reported in the Witze addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks.
ffc5ef0672c3dc0b09eef95981a013b8785bbc3f4fa30ac110036be49fc2fc11deV!L`z Clanportal Witze add-on version 0.9 suffers from a remote SQL injection vulnerability.
1a41b3da1ce02aa31f75b547c7ce2bfc84fead8cc9e1e96acd6aaf17fff8eb77Red Hat Security Advisory 2012-0345-02 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. It was found that JBoss Web did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make JBoss Web use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This update introduces limits on the number of parameters and headers processed per request to address this issue. The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties in "jboss-as/server/[PROFILE]/deploy/properties-service.xml".
5f8ed354af7f93aae635f0011391c698a68ac7e5da46495e45b1d1b424d2b453PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
ba03e5371037a7543536b1b3657f4b8d9eb3f36d5711e818d4cc69d3057f12f4STHS v2 Web Portal version 2.2 suffers from a remote SQL injection vulnerability.
df2aef2b8ed5719432fab9d65d36c1e6976ddeece6ee659a2784031108fcd5bdSecunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Portal Platform. This fixes multiple weaknesses, a security issue, and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.
4d46d88fe1552e6fef5b6dc95b3fc4a042a2f4f0ea8038b01309fd5cfc6856bcRed Hat Security Advisory 2012-0091-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. This JBoss Enterprise Portal Platform 4.3 CP07 release serves as a replacement for JBoss Enterprise Portal Platform 4.3 CP06.
8d477b129cade9168945756f320e10f89d8e0cf7bba8bf7336e147cc0e23f36aSecunia Security Advisory - A vulnerability has been reported in the Moviebase addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks.
73d6f16cf4d4fd2ab38e4e3667f2c8e45017634f40e781b1d0d61c354aa430deSOOP Portal Raven version 1.0 suffers from a fckeditor shell upload vulnerability.
0f8273872316d694baa3f500986ae9071919c3115aa8db27659d4bf52a44aaadSMF Portal version 1.1.16 fckeditor suffers from an arbitrary file upload vulnerability.
04babd577f16ab3b3226783c0614188c3210538cd0494f5a7fa636ca41c2f6f2The deV!L`z Clanportal version 1.5.5 Moviebase add-on suffers from a remote SQL injection vulnerability.
6d5a7924a34b72b16edc5519639f6524b61aa185cc5047a781541906f69889c4The deV!L`z Clanportal Gamebase add-on suffers from a remote SQL injection vulnerability.
3492ac0e196fec26a595040d9c4171120263e3306bf97c75e457afec9ed34b8dSecunia Security Advisory - A vulnerability has been reported in the Gamebase addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks.
95afebcc57615fdd4c484442dbdaee3b1c683ac015091545b78fff917e7b375dSecunia Security Advisory - A vulnerability has been reported in Contus Jobs Portal, which can be exploited by malicious people to conduct SQL injection attacks.
0db27dfc646c3830b9e76c1702651b0515e8f5c3be9ba38b02f7dcb300596bd7ARASTAR Portal System suffers from a cross site scripting vulnerability.
32fe953c4b69bbc4c887b2a46cb5fe2901ad4a8a9a4c445c453cef140d62e1b6Contus Job Portal suffers from a remote SQL injection vulnerability.
855725ce2adeba5240d6804c2179d7037d4e7091c389037c22510defce3ee255jPORTAL version 2 suffers from a remote SQL injection vulnerability in comment.php.
efe333d0450c8e81702edfcdab372e51985d72c7a70fc7c87ed614810710f3f2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed