SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics[] parameter to...
8.7AI Score
0.001EPSS
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and...
9.8CVSS
9.8AI Score
0.93EPSS
SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for phpVMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: this was originally reported as a problem in...
8.8AI Score
0.006EPSS
Cross-site scripting (XSS) vulnerability in the ticketyboo News Ticker module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified...
5.8AI Score
0.002EPSS
SQL injection vulnerability in the News Page module 5.x before 5.x-1.2 for Drupal allows remote authenticated users, with News Page nodes create and edit privileges, to execute arbitrary SQL commands via the Include Words (aka keywords)...
8.3AI Score
0.003EPSS
PHP remote file inclusion vulnerability in includes/functions_newshr.php in the News Defilante Horizontale 4.1.1 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path...
8AI Score
0.168EPSS
Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) News Modules in Php-Nuke allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG...
6.1AI Score
0.018EPSS
Multiple SQL injection vulnerabilities in Direct News 4.9 allow remote attackers to execute arbitrary SQL commands via (1) the setLang parameter in index.php and (2) unspecified search module...
9AI Score
0.005EPSS