Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

newsphp newsphp vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2006-0413
Multiple SQL injection vulnerabilities in index.php in NewsPHP allow remote malicious users to execute arbitrary SQL commands via the (1) discuss, (2) tim, (3) id, (4) last, and (5) limit parameter.
Newsphp Newsphp
NA
CVE-2003-0753
nphpd.php in newsPHP 216 and previous versions allows remote malicious users to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter.
Newsphp Newsphp
NA
CVE-2004-2688
Cross-site scripting (XSS) vulnerability in index.php in NewsPHP allows remote malicious users to inject arbitrary web script or HTML via the cat_id parameter. NOTE: this issue might overlap vector 3 in CVE-2006-3358.
Newsphp Newsphp
NA
CVE-2004-2690
Unrestricted file upload vulnerability in the Administration Panel for NewsPHP allows remote authenticated administrators to upload and execute arbitrary code instead of video files.
Newsphp Newsphp
NA
CVE-2003-0754
nphpd.php in newsPHP 216 and previous versions allows remote malicious users to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication.
Newsphp Newsphp
NA
CVE-2004-2689
NewsPHP allows remote malicious users to gain unauthorized administrative access by setting a cookie to the "autorized=admin; root=admin" value.
Newsphp Newsphp
NA
CVE-2006-3358
Multiple cross-site scripting (XSS) vulnerabilities in index.php in NewsPHP 2006 PRO allow remote malicious users to inject arbitrary web script or HTML via the (1) words, (2) id, (3) cat_id, and (4) tim parameters, which are not sanitized before being returned in an error page. ...
Newsphp Newsphp 2006 Pro
NA
CVE-2006-3359
Multiple SQL injection vulnerabilities in index.php in NewsPHP 2006 PRO allow remote malicious users to inject arbitrary web script or HTML via the (1) words, (2) id, (3) topmenuitem, and (4) cat_id parameters in (a) index.php; and the (5) category parameter in (b) inc/rss_feed.p...
Newsphp Newsphp 2006 Pro
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook