VYPR

Active News Manager

by Dotnetindex

CVEs (4)

  • CVE-2006-6095Nov 24, 2006
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) articleID parameter to activenews_view.asp or the (2) page parameter to default.asp. NOTE: the activeNews_categories.asp and activeNews_comments.asp…

  • CVE-2006-6096Nov 24, 2006
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in activenews_search.asp in ActiveNews Manager allows remote attackers to inject arbitrary web script or HTML via the query parameter.

  • CVE-2006-6094Nov 24, 2006
    risk 0.03cvss epss 0.04

    Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to…

  • CVE-2005-1780May 31, 2005
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in admin/login.asp in Active News Manager allows remote attackers to execute arbitrary SQL commands via the password.