Lucene search
+L

11 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-1651

Malware in sbrugna...

7.5CVSS6.4AI score0.01313EPSS
Exploits1References7
prion
prion
added 2008/04/02 5:44 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in staticpages/easypublish/index.php in EasyNews 4.0 allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edppupublish action...

4.3CVSS6.1AI score0.01901EPSS
Exploits1References6Affected Software1
prion
prion
added 2008/04/02 5:44 p.m.15 views

Directory traversal

Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...

7.5CVSS7.6AI score0.0312EPSS
Exploits1References6Affected Software1
nvd
nvd
added 2008/04/02 5:44 p.m.20 views

CVE-2008-1650

SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edpHelpInternalNews action...

7.5CVSS8.3AI score0.01313EPSS
Exploits1References6
nvd
nvd
added 2008/04/02 5:44 p.m.18 views

CVE-2008-1651

Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...

7.5CVSS7.1AI score0.0312EPSS
Exploits1References6
cvelist
cvelist
added 2008/04/02 5:0 p.m.25 views

CVE-2008-1650

SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edpHelpInternalNews action...

8.3AI score0.01313EPSS
Exploits1References6
cvelist
cvelist
added 2008/04/02 5:0 p.m.21 views

CVE-2008-1649

Cross-site scripting XSS vulnerability in staticpages/easypublish/index.php in EasyNews 4.0 allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edppupublish action...

5.7AI score0.01901EPSS
Exploits1References6
cvelist
cvelist
added 2008/04/02 5:0 p.m.19 views

CVE-2008-1651

Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...

7.1AI score0.0312EPSS
Exploits1References6
cve
cve
added 2008/04/02 5:0 p.m.39 views

CVE-2008-1651

EasyNews 4.0 admin/login.php is affected by a directory traversal vulnerability. An attacker can supply a ".." in the lang parameter to include and execute local files, enabling remote code execution. CVSS v2 base score 7.5 (HIGH); network access, no authentication, partial impact on confidential...

7.5CVSS7.1AI score0.0312EPSS
Exploits1References6Affected Software1
cve
cve
added 2008/04/02 5:0 p.m.38 views

CVE-2008-1650

CVE-2008-1650 describes an SQL injection in EasyNews 4.0. The vulnerability exists in dynamicpages/index.php where the read parameter in the edp_Help_Internal_News action can be manipulated to execute arbitrary SQL commands. The exploitation is described as a remote, network-based vector with no ...

7.5CVSS8.3AI score0.01313EPSS
Exploits1References6Affected Software1
cve
cve
added 2008/04/02 5:0 p.m.50 views

CVE-2008-1649

CVE-2008-1649 is an XSS vulnerability in EasyNews 4.0 (staticpages/easypublish/index.php) that allows remote attackers to inject arbitrary script via the read parameter in an edp_pupublish action. Affected component is the easypublish read handling; impact per reported data is partial integrity. ...

4.3CVSS5.7AI score0.01901EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder