VYPR

Dnewsweb

by Netwin

CVEs (2)

  • CVE-2000-0423May 5, 2000
    risk 0.04cvss epss 0.08

    Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag.

  • CVE-2007-5370Oct 11, 2007
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewsweb.exe in NetWin DNewsWeb (DNews News Server) 57e1 allow remote attackers to inject arbitrary web script or HTML via the (1) group or (2) utag parameter.