Lucene search
K

27 matches found

NVD
NVD
added 2026/05/14 5:16 p.m.12 views

CVE-2026-44515

Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...

2.3CVSS0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:53 a.m.6 views

CVE-2009-4785

SQL injection vulnerability in the Quick News comquicknews component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewitem action to index.php...

7.5CVSS8.8AI score0.0095EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2003-0582

Malware in sbrugna...

10CVSS6.4AI score0.03099EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2002-2025

Malware in sbrugna...

7.5CVSS6.4AI score0.01317EPSS
Exploits0References3
Circl
Circl
added 2025/01/06 11:16 a.m.13 views

CVE-2024-45558

creationtimestamp| type| source ---|---|--- 2025-01-06 11:16:12+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf2z2ry2ww22 2025-01-06 11:16:12+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf2z2ry2ww22 2025-01-06 11:42:02+00:00| seen|...

7.5CVSS4.8AI score0.00352EPSS
Exploits0References3
OSV
OSV
added 2024/03/07 4:15 a.m.6 views

CVE-2024-28095

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users...

5.4CVSS5.6AI score0.00331EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2020/11/05 1:14 p.m.10 views

traunsee.news Cross Site Scripting vulnerability OBB-1486168

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
CNVD
CNVD
added 2020/03/13 12:0 a.m.3 views

Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-17361)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflected cross-site scripting vulnerability exists in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9. The...

4.8CVSS6.1AI score0.00611EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/11/26 7:29 a.m.3 views

CVE-2018-19544

JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news...

6.5CVSS5.5AI score0.00422EPSS
Exploits1References2
myhack58
myhack58
added 2011/06/17 12:0 a.m.15 views

Magic snow enterprises website system 1.0 injection vulnerabilities-vulnerability warning-the black bar safety net

Magic snow corporate website source to have news, group overview, industrial systems, human resources, investment resources, feedback, contact us section. Backstage news dynamic management, enterprise information management, industry management system, human resources management, investment...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/24 12:0 a.m.28 views

Ypninc Realty Classifieds Cross Site Scripting

Author: Andrea Bocchetti Homepage : http://www.geekit.it Software Info Name : Ypninc Realty Classifieds Vendor : http://fsbo.ypninc.com/ x Xss local news local news field is potentially exploitable XSS Demo exploit : http://fsbo.ypninc.com/localnews.php Author: Andrea Bocchetti Homepage :...

0.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2008/10/21 1:18 a.m.1 views

CVE-2008-4622

The isLoggedIn function in fastnews-code.php in phpFastNews 1.0.0 allows remote attackers to bypass authentication and gain administrative access by setting the fn-loggedin cookie to 1...

7.5CVSS5.6AI score0.03104EPSS
Exploits1References7
securityvulns
securityvulns
added 2006/12/31 12:0 a.m.50 views

x-news 1.1 Password Disclosure Vulnerability

x-news 1.1 Password Disclosure Vulnerability Affected Software: x-news 1.1 x-news Website: http://xqus.com Bugfounder: bd0rk Website: www.soh-crew.it.tt Contact: bd0rkathackermail.com Greetings: str0ke, Perle, TheJT, ajann +Exploit: http://target/xnewspath/news/db/users.txt Showexample:...

Exploits0
EUVD
EUVD
added 2006/10/02 8:0 p.m.7 views

EUVD-2006-5085

PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS aka webnews 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WNBASEDIR parameter...

7.5CVSS7.6AI score0.03754EPSS
Exploits0References8
Exploit DB
Exploit DB
added 2006/09/24 12:0 a.m.33 views

Web-News 1.6.3 - 'template.php' Remote File Inclusion

ToXiC BuG FounD by Drago84 Application Affect: WebNews Source Code: http://prdownloads.sourceforge.net/web-news/WebNews-1.6.3.zip?usemirror=superb-west Problem: Solution : Declare $contentpage Page Vulnerable : template.php Exempe Of ExPloit is:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/09/13 12:0 a.m.25 views

cnews101.txt

C-News v 1.0.1 Multiple Remote File Include Vulnerabilities ; Discovred By : ThELeO ; Software : C-News v 1.0.1 ; Exploit : http://Www.Example.Com/Script/affichage/pagination.php?path=U r Evil Script ; http://Www.Example.Com/Script/affichage/formulairecommentaires.php?path=U r Evil Script Greetz ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/12 12:0 a.m.17 views

WM-News 0.5 - 'print.php' Local File Inclusion

source: https://www.securityfocus.com/bid/19968/info WM-News is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other attacks are also...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/07 12:0 a.m.29 views

ACGV News 0.9.1 - 'header.php' Remote File Inclusion

ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- ACGV News v0.9.1 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=1420 Script : ACGV News v0.9.1 Credits : ERNE Contact : [email protected] and irc.gigachat.net kurdhack Thanks : BLaCKWHITE, Blackened,...

7.4AI score
Exploits0
0day.today
0day.today
added 2006/09/05 12:0 a.m.22 views

Sponge News <= 2.2 (sndir) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ============================================================ Sponge News = 2.2 sndir Remote File Include Vulnerability ============================================================...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/07/30 12:0 a.m.32 views

Fusionphp Fusion News 3.3/3.6 - Administrator Command Execution

source: https://www.securityfocus.com/bid/10836/info It is reported that Fusion News is affected by an administrator command execution vulnerability. This issue is due to a failure of the application to properly validate access to administrative commands. This issue permits a remote attacker to...

7.4AI score
Exploits0
Rows per page
Query Builder