2 matches found
CVE-2007-0693
CVE-2007-0693 corresponds to an SQL injection in DGNews 2.1, impacting the news.php component (newslist action) via the catid parameter and with note of possible cross-site scripting. The provided documents do not list a vendor patch or fixed version. CVSS-like metrics exist in the initial record...
DGNews version 2.1 SQL Injection Vulnerability
netVigilance Security Advisory 22 DGNews version 2.1 SQL Injection Vulnerability Description: DGNews is small and simple but powered news publishing. Easy installation, no programing required. But you can still change whatever you want for advanced users. Features: add unlimited categories,...