http://www.snkenjoi.com/secadv/secadv8.txt

sNKenjoi's Security Advisory: XSS Vunerabilities in PortalApp v3.3


Security Advisory: XSS Vunerabilities in PortalApp v3.3
Severity: Medium
Title: XSS Vunerabilities in PortalApp v3.3

Vendor: Iatek
Vendor Website: http://www.portalapp.com/

Proof of Concept Exploits: 

XSS
http://localhost/content.asp?contenttype=[XSS]
Syntax Error
http://localhost/content.asp?ContentId=..
http://localhost/content.asp?CatId=..
http://localhost/search_content.asp?ContentTypeId=..
http://localhost/forums.asp?ForumId=..

snkenjoi.com & zone-h.org
snkenjoi@gmail.com