VYPR

News

by Neuron News

CVEs (3)

  • CVE-2007-5050Sep 24, 2007
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the q parameter.

  • CVE-2007-6541Dec 27, 2007
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in neuron news 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in a viewtopic action, or the (2) newsyear or (3) newsmonth parameter in a newsarchive action to the default URI in…

  • CVE-2007-6540Dec 27, 2007
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/.