CVE-2008-6168

Miniportail - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified argument, probably the search string.

Exploits (1)

exploitdb WRITEUP VERIFIED

by StAkeR · textwebappsphp

https://www.exploit-db.com/exploits/6821

View Code ZIP pw:eip

References (3)

[Exploit] http://www.securityfocus.com/bid/31895

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6821

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46080

Scores

EPSS 0.0246

EPSS Percentile 85.0%

Classification

CWE

CWE-79

Status published

Affected Products (5)

miniportail/miniportail

n/a/n/a

Timeline

Published Feb 19, 2009

Tracked Since Feb 18, 2026