Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web-news web-news vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-5053
PHP remote file inclusion vulnerability in webnews/template.php in Web-News 1.6.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the content_page parameter.
Web-news Web-news
1 EDB exploit
445
VMScore
CVE-2005-2897
WEB//NEWS 1.4 allows remote malicious users to obtain sensitive information via a direct request to files in the actions directory, which reveal the path in an error message, as demonstrated using cat.add.php.
Stylemotion Web News 1.4
765
VMScore
CVE-2005-2896
SQL injection vulnerability in WEB//NEWS 1.4 allows remote malicious users to execute arbitrary SQL commands via the (1) wn_userpw parameter to startup.php, (2) cat, (3) id, or (4) stof parameter to news.php, or (5) id parameter to print.php.
Stylemotion Web News 1.4
3 EDB exploits
695
VMScore
CVE-2007-4329
Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote malicious users to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
Mapos Scripts Web News 1.1
3 EDB exploits
755
VMScore
CVE-2006-5100
PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.
Netwin Webnews 1.1i
Netwin Webnews 1.1j
Netwin Webnews 1.1k
Netwin Webnews 1.1h
Netwin Webnews 1.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started