Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2006-4755

Malware in sbrugna...

5CVSS6.4AI score0.01294EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2006-4753

Malware in sbrugna...

5CVSS6.4AI score0.02943EPSS
Exploits0References6
NVD
NVDadded 2006/09/13 11:7 p.m.18 views

CVE-2006-4767

Multiple directory traversal vulnerabilities in Stefan Ernst Newsscript aka WM-News 0.5beta allow remote attackers to 1 read arbitrary local files via a .. dot dot sequence in the ide parameter in modify.php and 2 write to arbitrary local files via a .. sequence in the var parameter in addgo.php...

6.4CVSS6.6AI score0.01531EPSS
Exploits0References5
CVE
CVEadded 2006/09/13 11:0 p.m.43 views

CVE-2006-4766

CVE-2006-4766 concerns a directory traversal vulnerability in the print.php script of Stefan Ernst Newsscript (aka WM-News) 0.5 beta. The issue allows remote attackers to read arbitrary files by supplying a .. path segment in the ide parameter, exposing partial confidentiality. The available refe...

5CVSS7AI score0.02943EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2006/09/13 11:0 p.m.40 views

CVE-2006-4767

The CVE-2006-4767 entry concerns Stefan Ernst Newsscript (aka WM-News) 0.5beta. The described vulnerabilities are directory traversal flaws caused by improper handling of a .. sequence: (1) in modify.php with the ide parameter could allow reading arbitrary local files, and (2) in add_go.php with ...

6.4CVSS6.9AI score0.01531EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2006/09/13 11:0 p.m.46 views

CVE-2006-4768

The CVE-2006-4768 entry concerns Stefan Ernst Newsscript (aka WM-News) 0.5 beta, where the add_go.php script is vulnerable to multiple direct static code injection via the parameters (description, issue, title, var, name, keywords, note) stored in an article file. This allows remote attackers to ...

5CVSS7.8AI score0.01294EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2006/09/13 11:0 p.m.21 views

CVE-2006-4766

Directory traversal vulnerability in print.php in Stefan Ernst Newsscript aka WM-News 0.5 beta allows remote attackers to read arbitrary files via a .. dot dot in the ide parameter...

6.7AI score0.02943EPSS
Exploits0References5
NVD
NVDadded 2006/09/09 12:4 a.m.19 views

CVE-2006-4666

Multiple PHP remote file inclusion vulnerabilities in Stefan Ernst Newsscript aka WM-News 0.5 beta allow remote attackers to execute arbitrary PHP code via a URL in the 1 ide parameter in a article.php; or the 2 pwfile parameter in b delete.php, c modify.php, d admin.php, or e modifygo.php...

7.5CVSS7.7AI score0.04294EPSS
Exploits1References9
CVE
CVEadded 2006/09/09 12:0 a.m.54 views

CVE-2006-4666

Multiple PHP remote file inclusion vulnerabilities affect Stefan Ernst Newsscript (aka WM-News) 0.5 beta. An attacker can cause arbitrary PHP code execution by supplying a URL in the vulnerable parameter: (1) ide in article.php, or (2) pwfile in delete.php, modify.php, admin.php, or modify_go.php...

7.5CVSS8AI score0.04294EPSS
Exploits1References9Affected Software1
Cvelist
Cvelistadded 2006/09/09 12:0 a.m.17 views

CVE-2006-4666

Multiple PHP remote file inclusion vulnerabilities in Stefan Ernst Newsscript aka WM-News 0.5 beta allow remote attackers to execute arbitrary PHP code via a URL in the 1 ide parameter in a article.php; or the 2 pwfile parameter in b delete.php, c modify.php, d admin.php, or e modifygo.php...

7.7AI score0.04294EPSS
Exploits1References9
Rows per page
Query Builder