Produkt Newsoffice (...) - CVEMAP.ORG

Podatności dla 'Newsoffice'

2010-07-24

CVE-2010-2844

CWE-79

Cross-site scripting (XSS) vulnerability in news_show.php in Newanz NewsOffice 2.0.18 allows remote attackers to inject arbitrary web script or HTML via the n-cat parameter.

2008-04-22

CVE-2008-1903

CWE-94

PHP remote file inclusion vulnerability in news_show.php in Newanz NewsOffice 1.0 and 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsoffice_directory parameter.

Copyright 2024, cxsecurity.com