Skip to main content

Techno Portfolio Management Panel

5 CVEs product

Monthly

CVE-2017-17696 MEDIUM POC This Month

Techno - Portfolio Management Panel through 2017-11-16 allows full path disclosure via an invalid s parameter to panel/search.php. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Techno Portfolio Management Panel
NVD GitHub
CVSS 3.0
4.3
EPSS
0.2%
CVE-2017-17695 HIGH POC This Week

Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Techno Portfolio Management Panel
NVD GitHub
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-17694 MEDIUM POC This Month

Techno - Portfolio Management Panel through 2017-11-16 allows XSS via the panel/search.php s parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Techno Portfolio Management Panel
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17693 MEDIUM POC This Month

Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel/portfolio.php?action=delete requests that remove feedback. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Techno Portfolio Management Panel
NVD GitHub
CVSS 3.0
4.3
EPSS
0.1%
CVE-2017-17110 CRITICAL POC THREAT Emergency

Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 17.7%.

SQLi PHP Techno Portfolio Management Panel
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
17.7%
Threat
4.0
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Techno - Portfolio Management Panel through 2017-11-16 allows full path disclosure via an invalid s parameter to panel/search.php. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Techno Portfolio Management Panel
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Techno Portfolio Management Panel
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Techno - Portfolio Management Panel through 2017-11-16 allows XSS via the panel/search.php s parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Techno Portfolio Management Panel
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel/portfolio.php?action=delete requests that remove feedback. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Techno Portfolio Management Panel
NVD GitHub
EPSS 18% 4.0 CVSS 9.8
CRITICAL POC THREAT Emergency

Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 17.7%.

SQLi PHP Techno Portfolio Management Panel
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy