Lucene search
K
DotnetindexActive News Manager

4 matches found

CVE
CVE
added 2006/11/24 6:0 p.m.50 views

CVE-2006-6095

ActiveNews Manager is affected by CVE-2006-6095 via multiple SQL injection vulnerabilities. The issues allow remote attackers to execute arbitrary SQL commands through (1) the articleID parameter to activenews_view.asp or (2) the page parameter to default.asp; the CVE also notes that the vectors ...

7.5CVSS8.9AI score0.01418EPSS
CVE
CVE
added 2006/11/24 6:0 p.m.47 views

CVE-2006-6094

CVE-2006-6094 refers to multiple SQL injection vulnerabilities in ActiveNews Manager, exposed via (1) catID in activeNews_categories.asp, (2) articleID in activeNews_comments.asp, and (3) query in activenews_search.asp. Connected records corroborate that these are remote SQL injection flaws allow...

7.5CVSS8.5AI score0.03591EPSS
CVE
CVE
added 2005/05/31 4:0 a.m.45 views

CVE-2005-1780

CVE-2005-1780 is a SQL injection flaw in Active News Manager, specifically in admin/login.asp, where the password field can be manipulated to execute arbitrary SQL commands. The vulnerability allows remote attackers to compromise data confidentiality and integrity. Documents indicate affected sof...

7.5CVSS8.8AI score0.01316EPSS
Web
CVE
CVE
added 2006/11/24 6:0 p.m.43 views

CVE-2006-6096

CVE-2006-6096 : In the ActiveNews Manager web app, the parameter in activenews_search.asp is vulnerable to cross-site scripting (XSS) , allowing remote attackers to inject arbitrary script/HTML. Affected component: ActiveNews Manager (web interface). Impact per the entry: possible exploitation of...

4.3CVSS5.9AI score0.01853EPSS