Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
newsphp newsphp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0413
Multiple SQL injection vulnerabilities in index.php in NewsPHP allow remote malicious users to execute arbitrary SQL commands via the (1) discuss, (2) tim, (3) id, (4) last, and (5) limit parameter.
Newsphp Newsphp
1 EDB exploit
NA
CVE-2003-0753
nphpd.php in newsPHP 216 and previous versions allows remote malicious users to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter.
Newsphp Newsphp
NA
CVE-2004-2688
Cross-site scripting (XSS) vulnerability in index.php in NewsPHP allows remote malicious users to inject arbitrary web script or HTML via the cat_id parameter. NOTE: this issue might overlap vector 3 in CVE-2006-3358.
Newsphp Newsphp
NA
CVE-2004-2690
Unrestricted file upload vulnerability in the Administration Panel for NewsPHP allows remote authenticated administrators to upload and execute arbitrary code instead of video files.
Newsphp Newsphp
NA
CVE-2003-0754
nphpd.php in newsPHP 216 and previous versions allows remote malicious users to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication.
Newsphp Newsphp
NA
CVE-2004-2689
NewsPHP allows remote malicious users to gain unauthorized administrative access by setting a cookie to the "autorized=admin; root=admin" value.
Newsphp Newsphp
NA
CVE-2006-3358
Multiple cross-site scripting (XSS) vulnerabilities in index.php in NewsPHP 2006 PRO allow remote malicious users to inject arbitrary web script or HTML via the (1) words, (2) id, (3) cat_id, and (4) tim parameters, which are not sanitized before being returned in an error page. ...
Newsphp Newsphp 2006 Pro
2 EDB exploits
NA
CVE-2006-3359
Multiple SQL injection vulnerabilities in index.php in NewsPHP 2006 PRO allow remote malicious users to inject arbitrary web script or HTML via the (1) words, (2) id, (3) topmenuitem, and (4) cat_id parameters in (a) index.php; and the (5) category parameter in (b) inc/rss_feed.p...
Newsphp Newsphp 2006 Pro
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started