Description
Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by BugReport.IR · textwebappsphp
https://www.exploit-db.com/exploits/4638
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38595
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/4638
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/315107
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26504
Scores
EPSS
0.0252
EPSS Percentile
85.5%
Details
CWE
CWE-89
Status
published
Products (1)
skyportal/skyportal
rc6
Published
Nov 21, 2007
Tracked Since
Feb 18, 2026