News Script Php Pro@2.3 Security Vulnerabilities and Issues — News Script Php Pro@2.3 CVE List

Lucene search

NewsscriptphpNews Script Php Pro2.3

4 matches found

CVE-2020-25474

SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.

CVE-2020-25473

SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies.

CVE-2020-25475

SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action.

CVE-2020-25472

SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users.