Active News Manager Security Vulnerabilities and Issues — Active News Manager CVE List

Lucene search

DotnetindexActive News Manager

4 matches found

CVE•added 2006/11/24 6:7 p.m.•39 views

CVE-2006-6095

Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) articleID parameter to activenews_view.asp or the (2) page parameter to default.asp. NOTE: the activeNews_categories.asp and activeNews_comments.asp vectors are already ...

7.5CVSS8.9AI score0.01454EPSS

CVE•added 2005/05/31 4:0 a.m.•36 views

CVE-2005-1780

SQL injection vulnerability in admin/login.asp in Active News Manager allows remote attackers to execute arbitrary SQL commands via the password.

7.5CVSS8.8AI score0.00584EPSS

CVE•added 2006/11/24 6:7 p.m.•35 views

CVE-2006-6094

Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to activenews_search.asp.

7.5CVSS8.5AI score0.01454EPSS

CVE•added 2006/11/24 6:7 p.m.•31 views

CVE-2006-6096

Cross-site scripting (XSS) vulnerability in activenews_search.asp in ActiveNews Manager allows remote attackers to inject arbitrary web script or HTML via the query parameter.

4.3CVSS5.9AI score0.03197EPSS