Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-news vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2020-10494
CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to edit a news article, given the id, via a crafted request.
Chadhaajay Phpkb 9.0
NA
CVE-2010-1713
SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a News article modload action.
Postnuke Postnuke 0.764
1 EDB exploit
6.1
CVSSv3
CVE-2018-15677
The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF.
Btiteam Xbtit 2.5.4
NA
CVE-2007-5834
Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows remote malicious users to inject arbitrary web script or HTML via a SCRIPT element in a news post.
Bosdev Bosnews 4
NA
CVE-2010-1994
SQL injection vulnerability in index.php in TomatoCMS prior to 2.0.5 allows remote malicious users to execute arbitrary SQL commands via the q parameter in conjunction with a /news/search PATH_INFO.
Tomatocms Tomatocms
Tomatocms Tomatocms 2.0.3.1622
Tomatocms Tomatocms 2.0.3.1430
Tomatocms Tomatocms 2.0.3
Tomatocms Tomatocms 2.0.2
Tomatocms Tomatocms 2.0.1
Tomatocms Tomatocms 2.0.0
1 EDB exploit
NA
CVE-2007-3330
Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0 allows remote malicious users to inject arbitrary web script or HTML via a news post, which is stored in news/ without sanitization.
Stphp Easynews 4.0
NA
CVE-2008-4698
Opera prior to 9.61 does not properly block scripts during preview of a news feed, which allows remote malicious users to create arbitrary new feed subscriptions and read the contents of arbitrary feeds.
Opera Opera Browser 9.20
Opera Opera Browser 9.12
Opera Opera Browser 9.22
Opera Opera Browser 9.21
Opera Opera Browser 8.54
Opera Opera Browser 8.53
Opera Opera Browser 7.54
Opera Opera Browser 7.53
Opera Opera Browser 9.26
Opera Opera Browser 9.27
Opera Opera Browser 8.0
Opera Opera Browser 7.22
Opera Opera Browser 7.50
Opera Opera Browser 7.01
Opera Opera Browser 7.02
Opera Opera Browser 6.0
Opera Opera Browser 6.1
Opera Opera Browser 5.0
Opera Opera Browser 5.02
Opera Opera Browser 9.51
Opera Opera Browser 9.52
Opera Opera Browser 9.01
NA
CVE-2007-6556
Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to default.asp in a news page action or (2) the pageid parameter to default.asp.
Websihirbazi Websihirbazi 5.1.1
1 EDB exploit
NA
CVE-2007-3331
Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO 4.0 allows remote malicious users to change the admin password via (1) a certain HTML form that is posted automatically by JavaScript or (2) a news post.
Stphp Easynews 4.0
NA
CVE-2009-3444
Cross-site scripting (XSS) vulnerability in email.php in e107 0.7.16 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the HTTP Referer header in a news.1 (aka news to email) action.
E107 E107 0.6 14
E107 E107 0.6 13
E107 E107 0.604
E107 E107 0.603
E107 E107 0.608
E107 E107 0.609
E107 E107 0.615a
E107 E107 0.616
E107 E107 0.553 Beta
E107 E107 0.551 Beta
E107 E107 0.6 10
E107 E107 0.607
E107 E107 0.612
E107 E107 0.613
E107 E107 0.6172
E107 E107 0.6173
E107 E107 0.545
E107 E107 0.554
E107 E107 0.549 Beta
E107 E107
E107 E107 0.7.10
E107 E107 0.7.8
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »