4 matches found
CVE-2001-1525
The CVE-2001-1525 vulnerability affects easyNews 1.5 and earlier, where the comments action is vulnerable to directory traversal. An attacker can modify files such as news.dat and template.dat by supplying a ".." in the cid parameter, indicating a path traversal through the comments functionality...
CVE-2001-1527
The CVE affects easyNews 1.5 and earlier, where administration passwords are stored in cleartext in the file settings.php. This enables local users to obtain passwords and gain access due to improper password storage. The provided documents do not specify a vendor patch or remediation steps; no e...
CVE-2001-1437
Technical details about CVE-2001-1437 are not publicly available in the provided documents; monitor for updates.
CVE-2001-1526
The CVE-2001-1526 entry describes a Cross-site scripting (XSS) vulnerability in the comments action of index.php in easyNews 1.5 and earlier . The issue allows remote attackers to inject arbitrary web script or HTML via the zeit parameter. Several connected records (Red Hat CVE, NVD, CVE List, CV...