2 matches found
CVE-2005-1583
The vulnerability CVE-2005-1583 affects 1Two News 1.0. It allows remote attackers to perform two actions via direct requests to admin endpoints: (1) delete images for new stories through admin/delete.php and (2) upload arbitrary images through admin/upload.php. The description does not state the ...
CVE-2005-1582
The CVE-2005-1582 entry concerns a Cross-site scripting (XSS) vulnerability in index.php of 1Two News 1.0. The vulnerability permits remote injection of arbitrary web script or HTML via the query/POST parameters nom, email, siteweb, or commentaire. The NVD listing documents a MEDIUM impact score ...