Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
news project news vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-6290
The News (tt_news) extension prior to 3.5.2 for TYPO3 allows remote malicious users to have unspecified impact via vectors related to an "insecure unserialize" issue.
News Project News 3.0.0
News Project News 3.0.1
News Project News 3.2.0
News Project News 3.4.0
News Project News 3.5.0
News Project News
News Project News 3.1.0
News Project News 3.2.1
6.1
CVSSv3
CVE-2021-36790
The dated_news (aka Dated News) extension up to and including 5.1.1 for TYPO3 allows XSS.
Dated News Project Dated News
9.8
CVSSv3
CVE-2021-36789
The dated_news (aka Dated News) extension up to and including 5.1.1 for TYPO3 allows SQL Injection.
Dated News Project Dated News
5.3
CVSSv3
CVE-2021-36791
The dated_news (aka Dated News) extension up to and including 5.1.1 for TYPO3 allows Information Disclosure of application registration data.
Dated News Project Dated News
7.2
CVSSv3
CVE-2021-36792
The dated_news (aka Dated News) extension up to and including 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications.
Dated News Project Dated News
9.8
CVSSv3
CVE-2017-7581
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and previous versions for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed.
News System Project News System
NA
CVE-2014-6237
Cross-site scripting (XSS) vulnerability in the News Pack extension 0.1.0 and previous versions for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
News Pack Project News Pack 0.1.0
NA
CVE-2014-6709
The TechRadar News (aka com.techradar.news) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Techradar News Project Techradar News 1
NA
CVE-2014-6788
The Oman News (aka com.oman.news.rmtzlnbuooordciw) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Oman News Project Oman News 1
7.5
CVSSv3
CVE-2018-1000515
ventrian News-Articles version NewsArticles.00.09.11 contains a XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in Attacker can read any file in the server or use smbrelay attack to access to server..
News-articles Project News-articles 00.09.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »