CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-1659

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1400%
EPSS Percentile30.97th
Published2002年12月31日
Last Modified2026年4月16日

Vulnerability Description

user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable.

Affected Platforms (CPE)

📦
Iatek

Portalapp

= 2.2

References & Advisories

🔗 http://secunia.com/advisories/10465
🔗 http://securitytracker.com/id?1005541
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/10558
🔗 http://secunia.com/advisories/10465
🔗 http://securitytracker.com/id?1005541
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/10558

関連する脆弱性情報

CVE-2008-461510.0

Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.

CVE-2007-32527.8

PortalApp stores sensitive information under the web root with insufficient access control, which allows remote attackers to downl...

CVE-2005-09487.5

SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner...

CVE-2008-46147.5

PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and ...