CyberSec.Space Logo
Back to CVE Browser

CVE-2008-4614

HIGH
7.5
CVSS Severity Score
EPSS Score0.0070%
EPSS Percentile4.54th
PublishedOct 20, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies.

Affected Platforms (CPE)

πŸ“¦
Portalapp

Portalapp

= 4.0

References & Advisories

πŸ”— http://secunia.com/advisories/28337
πŸ”— http://securityreason.com/securityalert/4439
πŸ”— http://www.aspapp.com/content.asp?CatId=197&ContentType=Downloads
πŸ”— http://www.securityfocus.com/bid/27170
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/39457
πŸ”— https://www.exploit-db.com/exploits/4848
πŸ”— http://secunia.com/advisories/28337
πŸ”— http://securityreason.com/securityalert/4439

Related Vulnerabilities

CVE-2008-461510.0

Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.

CVE-2002-165910.0

user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable.

CVE-2007-32527.8

PortalApp stores sensitive information under the web root with insufficient access control, which allows remote attackers to downl...

CVE-2005-09487.5

SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner...