Phpwebnews Security Vulnerabilities and Issues — Phpwebnews CVE List

Lucene search

Surat KabarPhpwebnews

3 matches found

CVE•added 2007/04/26 9:19 p.m.•48 views

CVE-2007-2300

Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management Online (aka phpwebnews) 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the m_txt parameter to (1) iklan.php, (2) index.php, or (3) bukutamu.php.

4.3CVSS5.8AI score0.02395EPSS

CVE•added 2009/05/22 11:52 a.m.•32 views

CVE-2008-6813

SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.

7.5CVSS8.6AI score0.00347EPSS

CVE•added 2009/05/22 11:52 a.m.•30 views

CVE-2008-6812

SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.

7.5CVSS8.6AI score0.00347EPSS