VYPR

Webnews

by Netwin

CVEs (3)

  • CVE-2006-5100Oct 3, 2006
    risk 0.03cvss epss 0.04

    PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.

  • CVE-2002-0310May 31, 2002
    risk 0.00cvss epss 0.02

    Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3)…

  • CVE-2002-0290May 31, 2002
    risk 0.00cvss epss 0.03

    Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument.