Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-news vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3252
Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote malicious users to execute arbitrary code via a news article containing a large number of lines starting with a period.
Fedora Newsx 1.6
NA
CVE-2005-2074
Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.0.105 allows remote malicious users to inject arbitrary web script or HTML via a news or article post, possibly involving the (1) news_body, (2) article_description, or (3) article_body parameters to submit.php.
Php Fusion Php Fusion 6.0.105
NA
CVE-2008-2117
Cross-site scripting (XSS) vulnerability in pages/news.page.inc in Project Alumni 1.0.9 allows remote malicious users to inject arbitrary web script or HTML via the year parameter in a news action to index.php, a different vector than CVE-2007-6126.
Project Alumni Project Alumni 1.0.9
1 EDB exploit
NA
CVE-2008-4200
Opera prior to 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote malicious users to change this field to display the URL of a page containing web script controlled by the attacker.
Opera Opera Browser 9.22
Opera Opera Browser 9.0
Opera Opera Browser 8.54
Opera Opera Browser 7.60
Opera Opera Browser 7.54
Opera Opera Browser 9.23
Opera Opera Browser 9.26
Opera Opera Browser 8.0
Opera Opera Browser 7.21
Opera Opera Browser 7.22
Opera Opera Browser 7.0
Opera Opera Browser 7.01
Opera Opera Browser 6.0
Opera Opera Browser 6.02
Opera Opera Browser 5.0
Opera Opera Browser 5.12
Opera Opera Browser 5.02
Opera Opera Browser 9.02
Opera Opera Browser 9.01
Opera Opera Browser 8.02
Opera Opera Browser 8.01
Opera Opera Browser 9.50
NA
CVE-2009-4566
SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote malicious users to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Zenphoto Zenphoto 1.2.5
1 EDB exploit
NA
CVE-2009-4172
Cross-site scripting (XSS) vulnerability in index.php in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews 8 and 8b, when magic_quotes_gpc is disabled, allows remote malicious users to inject arbitrary web script or HTML via the body of a news article in an addnews action.
Korn19 Utf-8 Cutenews 8
Korn19 Utf-8 Cutenews 8b
Cutephp Cutenews 1.4.6
2 EDB exploits
NA
CVE-2009-2569
Multiple cross-site scripting (XSS) vulnerabilities in Verlihub Control Panel (VHCP) 1.7e allow remote malicious users to inject arbitrary web script or HTML via (1) the nick parameter in a login action to index.php or (2) the URI in a news request to index.html.
Verlihub-project Verlihub Control Panel 1.7e
1 EDB exploit
9.8
CVSSv3
CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and previous versions allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Invisible-island Lynx
Debian Debian Linux 3.1
Debian Debian Linux 3.0
1 EDB exploit
NA
CVE-2009-3514
Multiple SQL injection vulnerabilities in d.net CMS allow remote malicious users to execute arbitrary SQL commands via (1) the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (2) edit_id and (3) _p parameter in ...
Marcin Manek D.net Cms
1 EDB exploit
NA
CVE-2007-6127
Multiple SQL injection vulnerabilities in project alumni 1.0.9 and previous versions allow remote malicious users to execute arbitrary SQL commands via the year parameter to (1) view.page.inc.php, which is reachable through a view action to index.php; or (2) the year parameter to...
Project Alumni Project Alumni
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »