Description
Cross-site scripting (XSS) vulnerability in the Pages module in Shadowed Portal allows remote attackers to inject arbitrary web script or HTML via the page parameter to load.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Liz0ziM · textwebappsphp
https://www.exploit-db.com/exploits/27591
References (7)
Core 7
Core References
Exploit x_refsource_misc
http://liz0zim.no-ip.org/shad0w.txt
Exploit, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19595
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25716
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/430376/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/685
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/17430
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1286
Scores
EPSS
0.0076
EPSS Percentile
73.4%
Details
Status
published
Products (1)
shadowed_portal/shadowed_portal
< 5.7d2
Published
Apr 11, 2006
Tracked Since
Feb 18, 2026