RSS   Vulnerabilities for 'Litenews'   RSS

2008-08-07
 
CVE-2008-3508

CWE-264
 

 
LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie.

 
 
CVE-2008-3507

CWE-89
 

 
SQL injection vulnerability in index.php in LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action.

 


Copyright 2019, cxsecurity.com

 

Back to Top