VYPR
Vendor

Neuron News

Products
2
CVEs
6
Across products
9
Status
Private

Products

2

Recent CVEs

6
  • CVE-2026-8464HigJun 11, 2026
    risk 0.54cvss epss 0.00

    Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0

  • CVE-2007-5050Sep 24, 2007
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the q parameter.

  • CVE-2024-10965Nov 7, 2024
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. Affected by this vulnerability is an unknown functionality of the file /api/v2/schema of the component JSON File Handler. The manipulation leads to information disclosure. The attack can be launched…

  • CVE-2024-10964Nov 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in emqx neuron up to 2.10.0. Affected is the function handle_add_plugin in the library cmd.library of the file plugins/restful/plugin_handle.c. The manipulation leads to buffer overflow. It is possible to launch the attack…

  • CVE-2007-6541Dec 27, 2007
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in neuron news 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in a viewtopic action, or the (2) newsyear or (3) newsmonth parameter in a newsarchive action to the default URI in…

  • CVE-2007-6540Dec 27, 2007
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/.