Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web-news web-news vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5053
PHP remote file inclusion vulnerability in webnews/template.php in Web-News 1.6.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the content_page parameter.
Web-news Web-news
1 EDB exploit
NA
CVE-2005-2896
SQL injection vulnerability in WEB//NEWS 1.4 allows remote malicious users to execute arbitrary SQL commands via the (1) wn_userpw parameter to startup.php, (2) cat, (3) id, or (4) stof parameter to news.php, or (5) id parameter to print.php.
Stylemotion Web News 1.4
3 EDB exploits
NA
CVE-2005-2897
WEB//NEWS 1.4 allows remote malicious users to obtain sensitive information via a direct request to files in the actions directory, which reveal the path in an error message, as demonstrated using cat.add.php.
Stylemotion Web News 1.4
NA
CVE-2007-4329
Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote malicious users to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
Mapos Scripts Web News 1.1
3 EDB exploits
NA
CVE-2006-5100
PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.
Netwin Webnews 1.1i
Netwin Webnews 1.1j
Netwin Webnews 1.1k
Netwin Webnews 1.1h
Netwin Webnews 1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started