Sign in Subscribe

← All vendors

Vendor

Vscripts.pl

Products

1

CVEs

2

Across products

2

Status

Private

Products

1

Qlnews
2 CVEs

Recent CVEs

2

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2006-1576		0.00	—	0.01		Apr 2, 2006	Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php.
CVE-2006-1575		0.00	—	0.02		Apr 2, 2006	Multiple cross-site scripting (XSS) vulnerabilities in news.php in QLnews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorx and (2) newsx parameters.

CVE-2006-1576Apr 2, 2006
risk 0.00cvss —epss 0.01
Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php.
CVE-2006-1575Apr 2, 2006
risk 0.00cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in news.php in QLnews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorx and (2) newsx parameters.