2 matches found
CVE-2004-0327
CVE-2004-0327 affects PhpNewsManager 1.46. A directory traversal vulnerability exists in functions.php, allowing remote attackers to retrieve arbitrary files via .. sequences in the clang parameter. The provided documents confirm the vulnerable component and the exploitation vector but do not inc...
CVE-2006-1560
SkinTech phpNewsManager 1.48 is affected by multiple SQL injection vulnerabilities. The issue arises in server-side scripts (browse.php, category.php, gallery.php, poll.php, and possibly others) where user-defined variables are not properly sanitized before being used in SQL queries, allowing rem...