Vulnerabilities > Adminnewstools > Admin News Tools > 2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-07-21 | CVE-2009-2558 | Permissions, Privileges, and Access Controls vulnerability in Adminnewstools Admin News Tools 2.5 system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote attackers to post news messages via a direct request. | 7.5 |
| 2009-07-21 | CVE-2009-2557 | Path Traversal vulnerability in Adminnewstools Admin News Tools 2.5 Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. | 5.0 |