3 matches found
CVE-2006-6519
CVE-2006-6519 describes an SQL injection in the ProNews 1.5 component, specifically in the file lire-avis.php. The vulnerability is triggered via the aa parameter, allowing remote attackers to execute arbitrary SQL commands. The available documents attribute the issue to improper handling of use...
CVE-2006-6518
CVE-2006-6518 affects ProNews 1.5 and involves multiple reflected cross-site scripting (XSS) flaws. The vulnerability is triggered by unsanitized user-controllable input in several parameters: (1) pseudo, (2) email, (3) date, (4) sujet, (5) message, (6) site, and (7) lien to admin/change.php, and...
CVE-2006-6580
The connected sources confirm a vulnerability in ProNews 1.5 where admin/change.php does not verify that a user is authorized to modify news items. This permits remote attackers to add or delete information within an item and potentially cause other impacts. Root cause: missing access control che...