Newsletter Script PHP
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-25475 | Cri | 0.64 | 9.8 | 0.01 | Nov 24, 2020 | SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action. | ||
| CVE-2020-25473 | Med | 0.42 | 6.5 | 0.01 | Nov 24, 2020 | SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies. | ||
| CVE-2020-25472 | Med | 0.42 | 6.5 | 0.01 | Nov 24, 2020 | SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users. | ||
| CVE-2020-25474 | Med | 0.40 | 6.1 | 0.01 | Nov 24, 2020 | SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter. | ||
| CVE-2023-3540 | Low | 0.23 | 3.5 | 0.00 | Jul 7, 2023 | A vulnerability, which was classified as problematic, was found in SimplePHPscripts NewsLetter Script PHP 2.4. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to… | ||
| CVE-2023-3537 | Low | 0.23 | 3.5 | 0.00 | Jul 7, 2023 | A vulnerability classified as problematic has been found in SimplePHPscripts News Script PHP Pro 2.4. This affects an unknown part of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the… |
- risk 0.64cvss 9.8epss 0.01
SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action.
- risk 0.42cvss 6.5epss 0.01
SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies.
- risk 0.42cvss 6.5epss 0.01
SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users.
- risk 0.40cvss 6.1epss 0.01
SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.
- risk 0.23cvss 3.5epss 0.00
A vulnerability, which was classified as problematic, was found in SimplePHPscripts NewsLetter Script PHP 2.4. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to…
- risk 0.23cvss 3.5epss 0.00
A vulnerability classified as problematic has been found in SimplePHPscripts News Script PHP Pro 2.4. This affects an unknown part of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the…