Magic News Plus@1.0.2 Security Vulnerabilities and Issues — Magic News Plus@1.0.2 CVE List

Lucene search

Reamday EnterprisesMagic News Plus1.0.2

2 matches found

CVE•added 2007/03/02 9:18 p.m.•41 views

CVE-2007-1142

Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the link_parameters parameter in (1) news.php and (2) n_layouts.php.

4.3CVSS5.7AI score0.01366EPSS

CVE•added 2007/03/02 9:18 p.m.•33 views

CVE-2007-1141

PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may overlap CVE-2006-0723.

7.5CVSS7.5AI score0.02927EPSS