Back to CVE Browser

CVE-2005-0948

HIGH

7.5

CVSS Severity Score

EPSS Score0.0560%

EPSS Percentile20.54th

PublishedMay 2, 2005

Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner_id parameter.

Affected Platforms (CPE)

📦

Iatek

Portalapp

All versions

References & Advisories

🔗 http://icis.digitalparadox.org/~dcrab/portalapp.txt

🔗 http://marc.info/?l=bugtraq&m=111213291118273&w=2

🔗 http://secunia.com/advisories/14749

🔗 http://securitytracker.com/id?1013591

🔗 http://www.securityfocus.com/bid/12936

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/19892

🔗 http://icis.digitalparadox.org/~dcrab/portalapp.txt

🔗 http://marc.info/?l=bugtraq&m=111213291118273&w=2

Related Vulnerabilities

CVE-2002-165910.0

user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable.

CVE-2008-461510.0

Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.

CVE-2007-32527.8

PortalApp stores sensitive information under the web root with insufficient access control, which allows remote attackers to downl...

CVE-2008-46147.5

PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and ...