VYPR

Newsletter Script PHP

by Simplephpscripts

CVEs (6)

  • CVE-2020-25475CriNov 24, 2020
    risk 0.64cvss 9.8epss 0.01

    SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action.

  • CVE-2020-25473MedNov 24, 2020
    risk 0.42cvss 6.5epss 0.01

    SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies.

  • CVE-2020-25472MedNov 24, 2020
    risk 0.42cvss 6.5epss 0.01

    SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users.

  • CVE-2020-25474MedNov 24, 2020
    risk 0.40cvss 6.1epss 0.01

    SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.

  • CVE-2023-3540LowJul 7, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability, which was classified as problematic, was found in SimplePHPscripts NewsLetter Script PHP 2.4. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to…

  • CVE-2023-3537LowJul 7, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability classified as problematic has been found in SimplePHPscripts News Script PHP Pro 2.4. This affects an unknown part of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the…