Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
newscoop vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1933
Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x prior to 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) include/phorum_load.php, (2)...
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 4.0
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
1 EDB exploit
NA
CVE-2013-0730
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x up to and including 4.1.0 allow remote malicious users to inject arbitrary web script or HTML via vectors involving the (1) language parameter to application/modules/admin/controllers/LanguagesController.php or (...
Sourcefabric Newscoop 4.0
Sourcefabric Newscoop 4.0.4
Sourcefabric Newscoop 4.0.1
Sourcefabric Newscoop 4.1.0
Sourcefabric Newscoop 4.0.2
Sourcefabric Newscoop 4.0.3
NA
CVE-2012-1934
SQL injection vulnerability in admin/country/edit.php in Newscoop prior to 3.5.5 and 4.x prior to 4 RC4 allows remote malicious users to execute arbitrary SQL commands via the f_country_code parameter.
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
Sourcefabric Newscoop 4
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
1 EDB exploit
NA
CVE-2012-1935
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x prior to 3.5.5 and 4.x prior to 4 RC4 allow remote malicious users to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email parameter to admin/password_...
Sourcefabric Newscoop 4
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
1 EDB exploit
NA
CVE-2012-4679
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop prior to 3.5.5 allows remote malicious users to inject arbitrary web script or HTML via the f_user_name parameter.
Sourcefabric Newscoop 3.5.1
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop
1 EDB exploit
7.8
CVSSv3
CVE-2020-11807
Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ pat...
Sourcefabric Newscoop 4.4.7
NA
CVE-2012-19342
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
NA
CVE-2012-19331
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
NA
CVE-2012-19353
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started