RSS   Vulnerabilities for 'News script php pro'   RSS

2020-11-24
 
CVE-2020-25475

CWE-89
 

 
SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action.

 
 
CVE-2020-25474

CWE-79
 

 
SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.

 
 
CVE-2020-25473

NVD-CWE-Other
 

 
SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies.

 
 
CVE-2020-25472

CWE-352
 

 
SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users.

 


Copyright 2024, cxsecurity.com

 

Back to Top