Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-7019

Malware in sbrugna...

4.3CVSS6.4AI score0.01109EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-7018

Malware in sbrugna...

7.5CVSS6.4AI score0.00969EPSS
Exploits1References4
Prion
Prion
added 2009/08/24 7:30 p.m.9 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in One-News Beta 2 allow remote attackers to inject arbitrary HTML and web script via the 1 title or 2 content parameters in a news item to add.php, and the 3 itemnum, 4 author, or 5 comment parameters in a comment to index.php. NOTE: vectors 1 an...

4.3CVSS6.2AI score0.01109EPSS
Exploits1References4
Prion
Prion
added 2009/08/24 7:30 p.m.13 views

Sql injection

SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter...

7.5CVSS9.1AI score0.00969EPSS
Exploits1References3
NVD
NVD
added 2009/08/24 7:30 p.m.13 views

CVE-2008-7060

Multiple cross-site scripting XSS vulnerabilities in One-News Beta 2 allow remote attackers to inject arbitrary HTML and web script via the 1 title or 2 content parameters in a news item to add.php, and the 3 itemnum, 4 author, or 5 comment parameters in a comment to index.php. NOTE: vectors 1 an...

4.3CVSS5.8AI score0.01109EPSS
Exploits1References4
Cvelist
Cvelist
added 2009/08/24 7:0 p.m.18 views

CVE-2008-7059

SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter...

8.4AI score0.00969EPSS
Exploits1References3
CVE
CVE
added 2009/08/24 7:0 p.m.55 views

CVE-2008-7060

CVE-2008-7060 concerns One-News Beta 2 and involves multiple cross-site scripting (XSS) vulnerabilities. The XSS can be triggered via the title or content fields of a news item (add.php) and via itemnum, author, or comment fields of a comment (index.php). Vectors 1 and 2 require user authenticati...

4.3CVSS5.9AI score0.01109EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2009/08/24 7:0 p.m.43 views

CVE-2008-7059

CVE-2008-7059 describes an SQL injection vulnerability in the index.php of One-News Beta 2, exploitable via the q parameter. This allows remote attackers to execute arbitrary SQL commands. The issue is classified with a CVSS v2 base score of 7.5 (HIGH) with network access, low complexity, and no ...

7.5CVSS8.7AI score0.00969EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder