SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| portail_web_php | portail_web_php | 0.99 |
Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| portail_web_php | portail_web_php | 0.99 |