VYPR

Psnews

by Psnews

CVEs (3)

  • CVE-2010-2716Jul 13, 2010
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) ndetail.php and (2) print.php.

  • CVE-2007-3772Jul 15, 2007
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in news/show.php in PsNews 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newspath parameter.

  • CVE-2004-1665Sep 5, 2004
    risk 0.03cvss epss 0.04

    Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter.