• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple ASPapp Portal Vulnerabilities

ASPapp PortalApp, IntranetApp and ProjectApp have been reported prone to multiple vulnerabilities. The issues are due to design errors and insufficient sanitization performed on user supplied data. An attacker may exploit these issues to elevate privileges, hijack accounts, disclose portal user passwords and mount HTML injection and cross-site scripting style attacks.