Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sh-news sh-news vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6664
action.php in SH-News 3.0 allows remote malicious users to bypass authentication and gain administrator privileges by setting the shuser and shpass cookies to non-zero values.
Yarck Sh-news 3.0
1 EDB exploit
NA
CVE-2007-6391
SQL injection vulnerability in patch/comments.php in SH-News 3.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Sh-news Sh-news 3.0
1 EDB exploit
NA
CVE-2006-6801
PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via the news_cfg[path] parameter.
Sh-news Sh-news 0.93
1 EDB exploit
NA
CVE-2006-5282
Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the scriptpath parameter to (1) report.php, (2) archive.php, (3) comments.php, (4) init.php, or (5) news.php.
Sh-news Sh-news
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started