RSS   Vulnerabilities for 'Tr script news'   RSS

2008-04-25
 
CVE-2008-1958

CWE-94
 

 
Unrestricted file upload vulnerability in the ajout_cat mode in admin/main.php in Tr Script News 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with a .php extension.

 
 
CVE-2008-1957

CWE-89
 

 
SQL injection vulnerability in news.php in Tr Script News 2.1 allows remote attackers to execute arbitrary SQL commands via the nb parameter in voir mode.

 

 >>> Vendor: Easyscripts 2 Products
Easynews
Tr script news


Copyright 2024, cxsecurity.com

 

Back to Top