Vendor
News System Project
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7581 | Cri | 0.71 | 9.8 | 0.48 | Apr 7, 2017 | SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed. | ||
| CVE-2005-2167 | 0.00 | — | 0.01 | Jul 6, 2005 | Cross-site scripting (XSS) vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the cid parameter. | |||
| CVE-2005-2166 | 0.00 | — | 0.01 | Jul 6, 2005 | SQL injection vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. |
- risk 0.71cvss 9.8epss 0.48
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed.
- CVE-2005-2167Jul 6, 2005risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the cid parameter.
- CVE-2005-2166Jul 6, 2005risk 0.00cvss —epss 0.01
SQL injection vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.