Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web-news web-news vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-5053
PHP remote file inclusion vulnerability in webnews/template.php in Web-News 1.6.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the content_page parameter.
Web-news Web-news
1 EDB exploit
7.5
CVSSv2
CVE-2005-2896
SQL injection vulnerability in WEB//NEWS 1.4 allows remote malicious users to execute arbitrary SQL commands via the (1) wn_userpw parameter to startup.php, (2) cat, (3) id, or (4) stof parameter to news.php, or (5) id parameter to print.php.
Stylemotion Web News 1.4
3 EDB exploits
5
CVSSv2
CVE-2005-2897
WEB//NEWS 1.4 allows remote malicious users to obtain sensitive information via a direct request to files in the actions directory, which reveal the path in an error message, as demonstrated using cat.add.php.
Stylemotion Web News 1.4
6.8
CVSSv2
CVE-2007-4329
Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote malicious users to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
Mapos Scripts Web News 1.1
3 EDB exploits
7.5
CVSSv2
CVE-2006-5100
PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.
Netwin Webnews 1.1i
Netwin Webnews 1.1j
Netwin Webnews 1.1k
Netwin Webnews 1.1h
Netwin Webnews 1.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started