VYPR

Pre News Manager

by Preprojects

CVEs (2)

  • CVE-2006-2763Jun 2, 2006
    risk 0.03cvss epss 0.03

    SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f)…

  • CVE-2006-2678May 31, 2006
    risk 0.00cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e)…