Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-news vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2292
Cross-site scripting (XSS) vulnerability in Appleple a-News 2.32 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Appleple A-news 2.32
8.8
CVSSv3
CVE-2018-15177
In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account.
Gxlcms Gxlcms 2.0
9.8
CVSSv3
CVE-2019-10653
An issue exists in Hsycms V1.1. There is a SQL injection vulnerability via a /news/*.html page.
Hsycms Hsycms 1.1
4.8
CVSSv3
CVE-2018-9993
YUNUCMS 1.0.7 has XSS via the content title on an admin/content/addcontent/cid/## page (aka a news center page).
Yunucms Yunucms 1.0.7
NA
CVE-2003-0495
Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote malicious users to insert arbitrary web script via a news item.
Ledscripts.com Lednews 0.7
1 EDB exploit
4.3
CVSSv3
CVE-2020-10488
CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to delete a news article via a crafted request.
Chadhaajay Phpkb 9.0
NA
CVE-2001-1035
Binary decoding feature of slrn 0.9 and previous versions allows remote malicious users to execute commands via shell scripts that are inserted into a news post.
Slrn Development Team Slrn
NA
CVE-2003-0855
Pan 0.13.3 and previous versions allows remote malicious users to cause a denial of service (crash) via a news post with a long author email address.
Charles Kerr Pan
NA
CVE-2010-4859
SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote malicious users to execute arbitrary SQL commands via the blog_id parameter in a news action.
Webasyst Shop-script
NA
CVE-2008-0677
SQL injection vulnerability in blog.php in A-Blog 2 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a news action.
A-blog A-blog 2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »