Lucene search
News Script Php Pro Security Vulnerabilities - 2020
cve
SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users.
6.5CVSS
6.6AI Score
0.001EPSS
2020-11-24 03:15 PM
20
cve
SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies.
6.5CVSS
6.5AI Score
0.001EPSS
2020-11-24 03:15 PM
22
cve
SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.
6.1CVSS
6AI Score
0.001EPSS
2020-11-24 03:15 PM
23
cve
SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action.
9.8CVSS
9.8AI Score
0.001EPSS
2020-11-24 03:15 PM
24