Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2011-2706
Disclosure Date: January 14, 2020 (last updated February 21, 2025)
A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71.
0
Attacker Value
Unknown
CVE-2008-1413
Disclosure Date: March 20, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in search.php in SNewsCMS Rus 2.1 through 2.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
0
Attacker Value
Unknown
CVE-2007-5303
Disclosure Date: October 09, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in news_page.php in SnewsCMS Rus 2.1 allows remote attackers to inject arbitrary web script or HTML via the page_id parameter.
0
Attacker Value
Unknown
CVE-2007-3772
Disclosure Date: July 15, 2007 (last updated October 04, 2023)
Directory traversal vulnerability in news/show.php in PsNews 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newspath parameter.
0
Attacker Value
Unknown
CVE-2007-0261
Disclosure Date: January 16, 2007 (last updated October 04, 2023)
snews.php in sNews 1.5.30 and earlier does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, as demonstrated by changing an administrative password via the changeup task, and by uploading PHP code via the imagefile parameter.
0
Attacker Value
Unknown
CVE-2004-1665
Disclosure Date: September 05, 2004 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter.
0
